diff options
Diffstat (limited to 'docs/api/xmlsec-notes-verify-x509.html')
| -rw-r--r-- | docs/api/xmlsec-notes-verify-x509.html | 175 |
1 files changed, 48 insertions, 127 deletions
diff --git a/docs/api/xmlsec-notes-verify-x509.html b/docs/api/xmlsec-notes-verify-x509.html index 379aee3e..5e573104 100644 --- a/docs/api/xmlsec-notes-verify-x509.html +++ b/docs/api/xmlsec-notes-verify-x509.html @@ -1,137 +1,56 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> -<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> -<title>Verifing document signed with X509 certificates.</title> -<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79"> -<link rel="HOME" title="XML Security Library Reference Manual" href="index.html"> -<link rel="UP" title="Using X509 Certificates." href="xmlsec-notes-x509.html"> -<link rel="PREVIOUS" title="Signing data with X509 certificate." href="xmlsec-notes-sign-x509.html"> -<link rel="NEXT" title="Transforms and transforms chain." href="xmlsec-notes-transforms.html"> -<style type="text/css">.synopsis, .classsynopsis { - background: #eeeeee; - border: solid 1px #aaaaaa; - padding: 0.5em; -} -.programlisting { - background: #eeeeff; - border: solid 1px #aaaaff; - padding: 0.5em; -} -.variablelist { - padding: 4px; - margin-left: 3em; -} -.navigation { - background: #ffeeee; - border: solid 1px #ffaaaa; - margin-top: 0.5em; - margin-bottom: 0.5em; -} -.navigation a { - color: #770000; -} -.navigation a:visited { - color: #550000; -} -.navigation .title { - font-size: 200%; -}</style> -<style type="text/css"> -table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) { - width: 20em; -} -.synopsis, .classsynopsis { - background: #eeeeee; - border: solid 1px #aaaaaa; -} -.programlisting { - background: #eeeeee; - border: solid 1px #000000; -} -.navigation { - background: #eeeeee; - border: solid 1px #000000; -} -.navigation a { - color: initial; -} -.navigation a:visited { - color: initial; -} -</style> +<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> +<title>Verifing document signed with X509 certificates.: XML Security Library Reference Manual</title> +<meta name="generator" content="DocBook XSL Stylesheets V1.79.1"> +<link rel="home" href="index.html" title="XML Security Library Reference Manual"> +<link rel="up" href="xmlsec-notes-x509.html" title="Using X509 Certificates."> +<link rel="prev" href="xmlsec-notes-sign-x509.html" title="Signing data with X509 certificate."> +<link rel="next" href="xmlsec-notes-transforms.html" title="Transforms and transforms chain."> +<meta name="generator" content="GTK-Doc V1.27 (XML mode)"> +<link rel="stylesheet" href="style.css" type="text/css"> </head> -<body><table width="100%" valign="top"><tr valign="top"> -<td valign="top" align="left" width="210"> -<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p> -<ul> -<li><a href="../index.html">Home</a></li> -<li><a href="../download.html">Download</a></li> -<li><a href="../news.html">News</a></li> -<li><a href="../documentation.html">Documentation</a></li> -<ul> -<li><a href="../faq.html">FAQ</a></li> -<li><a href="../api/xmlsec-notes.html">Tutorial</a></li> -<li><a href="../api/xmlsec-reference.html">API reference</a></li> -<li><a href="../api/xmlsec-examples.html">Examples</a></li> -</ul> -<li><a href="../xmldsig.html">XML Digital Signature</a></li> -<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul> -<li><a href="../xmlenc.html">XML Encryption</a></li> -<li><a href="../c14n.html">XML Canonicalization</a></li> -<li><a href="../bugs.html">Reporting Bugs</a></li> -<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li> -<li><a href="../related.html">Related</a></li> -<li><a href="../authors.html">Authors</a></li> -</ul> -<table width="100%"> -<tr> -<td width="15"></td> -<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td> -</tr> -<tr> -<td width="15"></td> -<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td> -</tr> -<tr> -<td width="15"></td> -<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td> -</tr> -<!--Links - start--><!--Links - end--> -</table> -</td> -<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent"> -<table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle"> -<td><a accesskey="p" href="xmlsec-notes-sign-x509.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td> -<td><a accesskey="u" href="xmlsec-notes-x509.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td> +<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> +<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle"> +<td width="100%" align="left" class="shortcuts"></td> <td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td> -<th width="100%" align="center">XML Security Library Reference Manual</th> +<td><a accesskey="u" href="xmlsec-notes-x509.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td> +<td><a accesskey="p" href="xmlsec-notes-sign-x509.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td> <td><a accesskey="n" href="xmlsec-notes-transforms.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td> </tr></table> -<br clear="all"><div class="SECT1"> -<h1 class="SECT1"><a name="XMLSEC-NOTES-VERIFY-X509">Verifing document signed with X509 certificates.</a></h1> -<p> If the document is signed with an X509 certificate then the signature +<div class="sect1"> +<div class="titlepage"><div><div><h2 class="title" style="clear: both"> +<a name="xmlsec-notes-verify-x509"></a>Verifing document signed with X509 certificates.</h2></div></div></div> +<p> + If the document is signed with an X509 certificate then the signature verification consist of two steps: </p> -<p></p> -<ul> -<li><p>Creating and verifing X509 certificates chain. +<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "> +<li class="listitem"><p>Creating and verifing X509 certificates chain. </p></li> -<li><p>Verifing signature itself using key exrtacted from +<li class="listitem"><p>Verifing signature itself using key exrtacted from a certificate verified on previous step. </p></li> -</ul> +</ul></div> +<p> Certificates chain is constructed from certificates in a way that each certificate in the chain is signed with previous one: - <div class="FIGURE"> -<a name="AEN582"></a><p><b>Figure 1. Certificates chain.</b></p> -<pre class="PROGRAMLISTING">Certificate A (signed with B) <- Certificate B (signed with C) <- ... <- Root Certificate (signed by itself) - </pre> + </p> +<div class="figure"> +<a name="id-1.2.11.4.2.2"></a><p class="title"><b>Figure 8. Certificates chain.</b></p> +<div class="figure-contents"><pre class="programlisting"> +Certificate A (signed with B) <- Certificate B (signed with C) <- ... <- Root Certificate (signed by itself) + </pre></div> </div> +<p><br class="figure-break"> At the end of the chain there is a "Root Certificate" which is signed by itself. There is no way to verify the validity of the root certificate and application have to "trust" it (another name for root certificates is "trusted" certificates). - <p> Application can use <a href="xmlsec-app.html#XMLSECCRYPTOAPPKEYSMNGRCERTLOAD">xmlSecCryptoAppKeysMngrCertLoad</a> + </p> +<p> + Application can use <a class="link" href="xmlsec-app.html#xmlSecCryptoAppKeysMngrCertLoad" title="xmlSecCryptoAppKeysMngrCertLoad ()">xmlSecCryptoAppKeysMngrCertLoad</a> function to load both "trusted" and "un-trusted" certificates. However, the selection of "trusted" certificates is very sensitive process and this function might be @@ -140,9 +59,11 @@ table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) { or specified in crypto engine configuration files. Check XML Security Library API reference for more details. </p> -<div class="EXAMPLE"> -<a name="AEN587"></a><p><b>Example 3. Loading trusted X509 certificate.</b></p> -<pre class="PROGRAMLISTING">/** +<div class="example"> +<a name="id-1.2.11.4.3.2"></a><p class="title"><b>Example 22. Loading trusted X509 certificate.</b></p> +<div class="example-contents"> +<pre class="programlisting"> +/** * load_trusted_certs: * @files: the list of filenames. * @files_size: the number of filenames in #files. @@ -191,13 +112,13 @@ load_trusted_certs(char** files, int files_size) { return(mngr); } </pre> -<p><a href="xmlsec-verify-with-x509.html#XMLSEC-EXAMPLE-VERIFY3">Full program listing</a></p> +<p><a class="link" href="xmlsec-verify-with-x509.html#xmlsec-example-verify3" title="verify3.c">Full program listing</a></p> </div> - </div> -<table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle"> -<td align="left"><a accesskey="p" href="xmlsec-notes-sign-x509.html"><b><<< Signing data with X509 certificate.</b></a></td> -<td align="right"><a accesskey="n" href="xmlsec-notes-transforms.html"><b>Transforms and transforms chain. >>></b></a></td> -</tr></table> -</td></tr></table></td> -</tr></table></body> +</div> +<p><br class="example-break"> + </p> +</div> +<div class="footer"> +<hr>Generated by GTK-Doc V1.27</div> +</body> </html> |