diff options
Diffstat (limited to 'docs/api/src/chapters/using-keys.sgml')
-rw-r--r-- | docs/api/src/chapters/using-keys.sgml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/docs/api/src/chapters/using-keys.sgml b/docs/api/src/chapters/using-keys.sgml new file mode 100644 index 00000000..c2c90f50 --- /dev/null +++ b/docs/api/src/chapters/using-keys.sgml @@ -0,0 +1,26 @@ +<chapter id="xmlsec-notes-keys"> + <title>Keys.</title> + <para>A key in XML Security Library is a representation of the + <ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo"><dsig:KeyInfo/></ulink> + element and consist of several key data objects. + The "value" key data usually contains raw key material (or handlers to + key material) required to execute particular crypto transform. Other + key data objects may contain any additional information about the key. + All the key data objects in the key are associated with the same key + material. For example, if a DSA key material has both an X509 + certificate and a PGP data associated with it then such a key can + have a DSA key "value" and two key data objects for X509 certificate + and PGP key data. + </para> + <figure> + <title>The key structure.</title> + <graphic fileref="images/key.png" align="center"></graphic> + </figure> + <para>XML Security Library has several "invisible" key data classes. + These classes never show up in the keys data list of a key but are used for + <ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo"><dsig:KeyInfo/></ulink> + children processing (<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyName"><dsig:KeyName/></ulink>, + <enc:EncryptedKey/>, ...). As with transforms, application might + add any new key data objects or replace the default ones. + </para> +</chapter> |