Details
XMLSEC_TRANSFORM_BINARY_CHUNK
#define XMLSEC_TRANSFORM_BINARY_CHUNK 64
The binary data chunks size. XMLSec processes binary data one chunk
at a time. Changing this impacts xmlsec memory usage and performance.
xmlSecTransformIdsGet ()
xmlSecPtrListPtr xmlSecTransformIdsGet (void);
Gets global registered transform klasses list.
Returns : |
the pointer to list of all registered transform klasses. |
xmlSecTransformIdsInit ()
int xmlSecTransformIdsInit (void);
Initializes the transform klasses. This function is called from the
xmlSecInit function and the application should not call it directly.
Returns : |
0 on success or a negative value if an error occurs. |
xmlSecTransformIdsShutdown ()
void xmlSecTransformIdsShutdown (void);
Shuts down the keys data klasses. This function is called from the
xmlSecShutdown function and the application should not call it directly.
xmlSecTransformIdsRegisterDefault ()
int xmlSecTransformIdsRegisterDefault (void);
Registers default (implemented by XML Security Library)
transform klasses: XPath transform, Base64 transform, ...
Returns : |
0 on success or a negative value if an error occurs. |
xmlSecTransformIdsRegister ()
int xmlSecTransformIdsRegister (xmlSecTransformId id);
Registers id
in the global list of transform klasses.
id : |
the transform klass. |
Returns : |
0 on success or a negative value if an error occurs. |
enum xmlSecTransformStatus
typedef enum {
xmlSecTransformStatusNone = 0,
xmlSecTransformStatusWorking,
xmlSecTransformStatusFinished,
xmlSecTransformStatusOk,
xmlSecTransformStatusFail
} xmlSecTransformStatus;
The transform execution status.
enum xmlSecTransformMode
typedef enum {
xmlSecTransformModeNone = 0,
xmlSecTransformModePush,
xmlSecTransformModePop
} xmlSecTransformMode;
The transform operation mode
enum xmlSecTransformOperation
typedef enum {
xmlSecTransformOperationNone = 0,
xmlSecTransformOperationEncode,
xmlSecTransformOperationDecode,
xmlSecTransformOperationSign,
xmlSecTransformOperationVerify,
xmlSecTransformOperationEncrypt,
xmlSecTransformOperationDecrypt
} xmlSecTransformOperation;
The transform operation.
xmlSecTransformUriType
typedef unsigned int xmlSecTransformUriType;
URI transform type bit mask.
xmlSecTransformUriTypeNone
#define xmlSecTransformUriTypeNone 0x0000
The URI type is unknown or not set.
xmlSecTransformUriTypeEmpty
#define xmlSecTransformUriTypeEmpty 0x0001
The empty URI ("") type.
xmlSecTransformUriTypeSameDocument
#define xmlSecTransformUriTypeSameDocument 0x0002
The smae document ("#...") but not empty ("") URI type.
xmlSecTransformUriTypeLocal
#define xmlSecTransformUriTypeLocal 0x0004
The local URI ("file:///....") type.
xmlSecTransformUriTypeRemote
#define xmlSecTransformUriTypeRemote 0x0008
The remote URI type.
xmlSecTransformUriTypeAny
#define xmlSecTransformUriTypeAny 0xFFFF
Any URI type.
xmlSecTransformUriTypeCheck ()
int xmlSecTransformUriTypeCheck (xmlSecTransformUriType type,
const xmlChar *uri);
Checks if uri
matches expected type type
.
type : |
the expected URI type. |
uri : |
the uri for checking. |
Returns : |
1 if uri matches type , 0 if not or a negative value
if an error occurs. |
xmlSecTransformDataType
typedef xmlSecByte xmlSecTransformDataType;
Transform data type bit mask.
xmlSecTransformDataTypeUnknown
#define xmlSecTransformDataTypeUnknown 0x0000
The transform data type is unknown or nor data expected.
xmlSecTransformDataTypeBin
#define xmlSecTransformDataTypeBin 0x0001
The binary transform data.
xmlSecTransformDataTypeXml
#define xmlSecTransformDataTypeXml 0x0002
The xml transform data.
xmlSecTransformUsage
typedef unsigned int xmlSecTransformUsage;
The transform usage bit mask.
xmlSecTransformUsageUnknown
#define xmlSecTransformUsageUnknown 0x0000
Transforms usage is unknown or undefined.
xmlSecTransformUsageDSigTransform
#define xmlSecTransformUsageDSigTransform 0x0001
Transform could be used in <dsig:Transform>.
xmlSecTransformUsageC14NMethod
#define xmlSecTransformUsageC14NMethod 0x0002
Transform could be used in <dsig:CanonicalizationMethod>.
xmlSecTransformUsageDigestMethod
#define xmlSecTransformUsageDigestMethod 0x0004
Transform could be used in <dsig:DigestMethod>.
xmlSecTransformUsageSignatureMethod
#define xmlSecTransformUsageSignatureMethod 0x0008
Transform could be used in <dsig:SignatureMethod>.
xmlSecTransformUsageEncryptionMethod
#define xmlSecTransformUsageEncryptionMethod 0x0010
Transform could be used in <enc:EncryptionMethod>.
xmlSecTransformUsageAny
#define xmlSecTransformUsageAny 0xFFFF
Transform could be used for operation.
xmlSecTransformCtxPreExecuteCallback ()
int (*xmlSecTransformCtxPreExecuteCallback)
(xmlSecTransformCtxPtr transformCtx);
The callback called after creating transforms chain but before
starting data processing. Application can use this callback to
do additional transforms chain verification or modification and
aborting transforms execution (if necessary).
transformCtx : |
the pointer to transform's context. |
Returns : |
0 on success and a negative value otherwise (in this case,
transforms chain will not be executed and xmlsec processing stops). |
XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK
#define XMLSEC_TRANSFORMCTX_FLAGS_USE_VISA3D_HACK 0x00000001
If this flag is set then URI ID references are resolved directly
without using XPointers. This allows one to sign/verify Visa3D
documents that don't follow XML, XPointer and XML DSig specifications.
struct xmlSecTransformCtx
struct xmlSecTransformCtx {
/* user settings */
void* userData;
unsigned int flags;
unsigned int flags2;
xmlSecTransformUriType enabledUris;
xmlSecPtrList enabledTransforms;
xmlSecTransformCtxPreExecuteCallback preExecCallback;
/* results */
xmlSecBufferPtr result;
xmlSecTransformStatus status;
xmlChar* uri;
xmlChar* xptrExpr;
xmlSecTransformPtr first;
xmlSecTransformPtr last;
/* for the future */
void* reserved0;
void* reserved1;
};
The transform execution context.
xmlSecTransformCtxCreate ()
xmlSecTransformCtxPtr xmlSecTransformCtxCreate (void);
Creates transforms chain processing context.
The caller is responsible for destroying returend object by calling
xmlSecTransformCtxDestroy function.
Returns : |
pointer to newly allocated context object or NULL if an error
occurs. |
xmlSecTransformCtxInitialize ()
int xmlSecTransformCtxInitialize (xmlSecTransformCtxPtr ctx);
Initializes transforms chain processing context.
The caller is responsible for cleaing up returend object by calling
xmlSecTransformCtxFinalize function.
ctx : |
the pointer to transforms chain processing context. |
Returns : |
0 on success or a negative value if an error occurs. |
xmlSecTransformCtxReset ()
void xmlSecTransformCtxReset (xmlSecTransformCtxPtr ctx);
Resets transfroms context for new processing.
ctx : |
the pointer to transforms chain processing context. |
xmlSecTransformCtxCopyUserPref ()
int xmlSecTransformCtxCopyUserPref (xmlSecTransformCtxPtr dst,
xmlSecTransformCtxPtr src);
Copies user settings from src
context to dst
.
dst : |
the pointer to destination transforms chain processing context. |
src : |
the pointer to source transforms chain processing context. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformCtxSetUri ()
int xmlSecTransformCtxSetUri (xmlSecTransformCtxPtr ctx,
const xmlChar *uri,
xmlNodePtr hereNode);
Parses uri and adds xpointer transforms if required.
The following examples demonstrate what the URI attribute identifies and
how it is dereferenced
(http://www.w3.org/TR/xmldsig-core/sec-ReferenceProcessingModel):
- URI="http://example.com/bar.xml"
identifies the octets that represent the external resource
'http://example.com/bar.xml', that is probably an XML document given
its file extension.
- URI="http://example.com/bar.xmlchapter1"
identifies the element with ID attribute value 'chapter1' of the
external XML resource 'http://example.com/bar.xml', provided as an
octet stream. Again, for the sake of interoperability, the element
identified as 'chapter1' should be obtained using an XPath transform
rather than a URI fragment (barename XPointer resolution in external
resources is not REQUIRED in this specification).
- URI=""
identifies the node-set (minus any comment nodes) of the XML resource
containing the signature
- URI="chapter1"
identifies a node-set containing the element with ID attribute value
'chapter1' of the XML resource containing the signature. XML Signature
(and its applications) modify this node-set to include the element plus
all descendents including namespaces and attributes -- but not comments.
ctx : |
the pointer to transforms chain processing context. |
uri : |
the URI. |
hereNode : |
the pointer to "here" node required by some
XML transforms (may be NULL). |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformCtxCreateAndAppend ()
xmlSecTransformPtr xmlSecTransformCtxCreateAndAppend (xmlSecTransformCtxPtr ctx,
xmlSecTransformId id);
Creaeates new transform and connects it to the end of the chain of
transforms in the ctx
(see xmlSecTransformConnect function for details).
ctx : |
the pointer to transforms chain processing context. |
id : |
the new transform klass. |
Returns : |
pointer to newly created transform or NULL if an error occurs. |
xmlSecTransformCtxCreateAndPrepend ()
xmlSecTransformPtr xmlSecTransformCtxCreateAndPrepend (xmlSecTransformCtxPtr ctx,
xmlSecTransformId id);
Creaeates new transform and connects it to the end of the chain of
transforms in the ctx
(see xmlSecTransformConnect function for details).
ctx : |
the pointer to transforms chain processing context. |
id : |
the new transform klass. |
Returns : |
pointer to newly created transform or NULL if an error occurs. |
xmlSecTransformCtxNodeRead ()
xmlSecTransformPtr xmlSecTransformCtxNodeRead (xmlSecTransformCtxPtr ctx,
xmlNodePtr node,
xmlSecTransformUsage usage);
Reads the transform from the node
and appends it to the current chain
of transforms in ctx
.
ctx : |
the pointer to transforms chain processing context. |
node : |
the pointer to transform's node. |
usage : |
the transform's usage (signature, encryption, etc.). |
Returns : |
pointer to newly created transform or NULL if an error occurs. |
xmlSecTransformCtxBinaryExecute ()
int xmlSecTransformCtxBinaryExecute (xmlSecTransformCtxPtr ctx,
const xmlSecByte *data,
xmlSecSize dataSize);
Processes binary data using transforms chain in the ctx
.
ctx : |
the pointer to transforms chain processing context. |
data : |
the input binary data buffer. |
dataSize : |
the input data size. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformCtxUriExecute ()
int xmlSecTransformCtxUriExecute (xmlSecTransformCtxPtr ctx,
const xmlChar *uri);
Process binary data from the URI using transforms chain in ctx
.
ctx : |
the pointer to transforms chain processing context. |
uri : |
the URI. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformCtxXmlExecute ()
int xmlSecTransformCtxXmlExecute (xmlSecTransformCtxPtr ctx,
xmlSecNodeSetPtr nodes);
Process nodes
using transforms in the transforms chain in ctx
.
ctx : |
the pointer to transforms chain processing context. |
nodes : |
the input node set. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformCtxExecute ()
int xmlSecTransformCtxExecute (xmlSecTransformCtxPtr ctx,
xmlDocPtr doc);
Executes transforms chain in ctx
.
ctx : |
the pointer to transforms chain processing context. |
doc : |
the pointer to input document. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformCtxDebugDump ()
void xmlSecTransformCtxDebugDump (xmlSecTransformCtxPtr ctx,
FILE *output);
Prints transforms context debug information to output
.
ctx : |
the pointer to transforms chain processing context. |
output : |
the pointer to output FILE. |
xmlSecTransformCtxDebugXmlDump ()
void xmlSecTransformCtxDebugXmlDump (xmlSecTransformCtxPtr ctx,
FILE *output);
Prints transforms context debug information to output
in XML format.
ctx : |
the pointer to transforms chain processing context. |
output : |
the pointer to output FILE. |
struct xmlSecTransform
struct xmlSecTransform {
xmlSecTransformId id;
xmlSecTransformOperation operation;
xmlSecTransformStatus status;
xmlNodePtr hereNode;
/* transforms chain */
xmlSecTransformPtr next;
xmlSecTransformPtr prev;
/* binary data */
xmlSecBuffer inBuf;
xmlSecBuffer outBuf;
/* xml data */
xmlSecNodeSetPtr inNodes;
xmlSecNodeSetPtr outNodes;
/* reserved for the future */
void* reserved0;
void* reserved1;
};
The transform structure.
xmlSecTransformCreate ()
xmlSecTransformPtr xmlSecTransformCreate (xmlSecTransformId id);
Creates new transform of the id
klass. The caller is responsible for
destroying returned tansform using xmlSecTransformDestroy function.
id : |
the transform id to create. |
Returns : |
pointer to newly created transform or NULL if an error occurs. |
xmlSecTransformNodeRead ()
xmlSecTransformPtr xmlSecTransformNodeRead (xmlNodePtr node,
xmlSecTransformUsage usage,
xmlSecTransformCtxPtr transformCtx);
Reads transform from the node
as follows:
1) reads "Algorithm" attribute;
2) checks the lists of known and allowed transforms;
3) calls transform's create method;
4) calls transform's read transform node method.
node : |
the pointer to the transform's node. |
usage : |
the transform usage (signature, encryption, ...). |
transformCtx : |
the transform's chaing processing context. |
Returns : |
pointer to newly created transform or NULL if an error occurs. |
xmlSecTransformSetKeyReq ()
int xmlSecTransformSetKeyReq (xmlSecTransformPtr transform,
xmlSecKeyReqPtr keyReq);
Sets the key requirements for transform
in the keyReq
.
transform : |
the pointer to transform. |
keyReq : |
the pointer to keys requirements object. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformExecute ()
int xmlSecTransformExecute (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
Executes transform (used by default popBin/pushBin/popXml/pushXml methods).
transform : |
the pointer to transform. |
last : |
the flag: if set to 1 then it's the last data chunk. |
transformCtx : |
the transform's chaing processing context. |
Returns : |
0 on success or a negative value if an error occurs. |
xmlSecTransformDebugDump ()
void xmlSecTransformDebugDump (xmlSecTransformPtr transform,
FILE *output);
Prints transform's debug information to output
.
xmlSecTransformDebugXmlDump ()
void xmlSecTransformDebugXmlDump (xmlSecTransformPtr transform,
FILE *output);
Prints transform's debug information to output
in XML format.
xmlSecTransformGetName()
#define xmlSecTransformGetName(transform)
Macro. Returns transform name.
xmlSecTransformIsValid()
#define xmlSecTransformIsValid(transform)
Macro. Returns 1 if the transform
is valid or 0 otherwise.
xmlSecTransformCheckType()
#define xmlSecTransformCheckType(transform, t)
Macro. Returns 1 if the transform
is valid and has specified type t
or 0 otherwise.
xmlSecTransformCheckId()
#define xmlSecTransformCheckId(transform, i)
Macro. Returns 1 if the transform
is valid and has specified id i
or 0 otherwise.
xmlSecTransformCheckSize()
#define xmlSecTransformCheckSize(transform, size)
Macro. Returns 1 if the transform
is valid and has at least size
bytes or 0 otherwise.
xmlSecTransformConnect ()
int xmlSecTransformConnect (xmlSecTransformPtr left,
xmlSecTransformPtr right,
xmlSecTransformCtxPtr transformCtx);
If the data object is a node-set and the next transform requires octets,
the signature application MUST attempt to convert the node-set to an octet
stream using Canonical XML [XML-C14N].
The story is different if the right transform is base64 decode
(http://www.w3.org/TR/xmldsig-core/sec-Base-64):
This transform requires an octet stream for input. If an XPath node-set
(or sufficiently functional alternative) is given as input, then it is
converted to an octet stream by performing operations logically equivalent
to 1) applying an XPath transform with expression self::text()
, then 2)
taking the string-value of the node-set. Thus, if an XML element is
identified by a barename XPointer in the Reference URI, and its content
consists solely of base64 encoded character data, then this transform
automatically strips away the start and end tags of the identified element
and any of its descendant elements as well as any descendant comments and
processing instructions. The output of this transform is an octet stream.
left : |
the pointer to left (prev) transform. |
right : |
the pointer to right (next) transform. |
transformCtx : |
the transform's chaing processing context. |
Returns : |
0 on success or a negative value if an error occurs. |
xmlSecTransformRemove ()
void xmlSecTransformRemove (xmlSecTransformPtr transform);
Removes transform
from the chain.
xmlSecTransformDefaultPopBin ()
int xmlSecTransformDefaultPopBin (xmlSecTransformPtr transform,
xmlSecByte *data,
xmlSecSize maxDataSize,
xmlSecSize *dataSize,
xmlSecTransformCtxPtr transformCtx);
Pops data from previous transform in the chain, processes data by calling
transform's execute method and returns result in the data
buffer. The
size of returned data is placed in the dataSize
.
xmlSecTransformDefaultPopXml ()
int xmlSecTransformDefaultPopXml (xmlSecTransformPtr transform,
xmlSecNodeSetPtr *nodes,
xmlSecTransformCtxPtr transformCtx);
Pops data from previous transform in the chain, processes the data
by calling transform's execute method and returns result in nodes
.
transform : |
the pointer to transform object. |
nodes : |
the pointer to store popinter to result nodes. |
transformCtx : |
the pointer to transform context object. |
Returns : |
0 on success or a negative value if an error occurs. |
xmlSecTransformCreateOutputBuffer ()
xmlOutputBufferPtr xmlSecTransformCreateOutputBuffer (xmlSecTransformPtr transform,
xmlSecTransformCtxPtr transformCtx);
Creates output buffer to write data to transform
.
xmlSecTransformCreateInputBuffer ()
xmlParserInputBufferPtr xmlSecTransformCreateInputBuffer
(xmlSecTransformPtr transform,
xmlSecTransformCtxPtr transformCtx);
Creates input buffer to read data from transform
.
xmlSecTransformInitializeMethod ()
int (*xmlSecTransformInitializeMethod) (xmlSecTransformPtr transform);
The transform specific initialization method.
xmlSecTransformFinalizeMethod ()
void (*xmlSecTransformFinalizeMethod) (xmlSecTransformPtr transform);
The transform specific destroy method.
xmlSecTransformNodeReadMethod ()
int (*xmlSecTransformNodeReadMethod) (xmlSecTransformPtr transform,
xmlNodePtr node,
xmlSecTransformCtxPtr transformCtx);
The transform specific method to read the transform data from
the node
.
xmlSecTransformNodeWriteMethod ()
int (*xmlSecTransformNodeWriteMethod) (xmlSecTransformPtr transform,
xmlNodePtr node,
xmlSecTransformCtxPtr transformCtx);
The transform specific method to write transform information to an XML node node
.
xmlSecTransformSetKeyRequirementsMethod ()
int (*xmlSecTransformSetKeyRequirementsMethod)
(xmlSecTransformPtr transform,
xmlSecKeyReqPtr keyReq);
Transform specific method to set transform's key requirements.
transform : |
the pointer to transform object. |
keyReq : |
the pointer to key requirements structure. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformSetKeyMethod ()
int (*xmlSecTransformSetKeyMethod) (xmlSecTransformPtr transform,
xmlSecKeyPtr key);
The transform specific method to set the key for use.
xmlSecTransformPushBinMethod ()
int (*xmlSecTransformPushBinMethod) (xmlSecTransformPtr transform,
const xmlSecByte *data,
xmlSecSize dataSize,
int final,
xmlSecTransformCtxPtr transformCtx);
The transform specific method to process data from data
and push
result to the next transform in the chain.
xmlSecTransformPopBinMethod ()
int (*xmlSecTransformPopBinMethod) (xmlSecTransformPtr transform,
xmlSecByte *data,
xmlSecSize maxDataSize,
xmlSecSize *dataSize,
xmlSecTransformCtxPtr transformCtx);
The transform specific method to pop data from previous transform
in the chain and return result in the data
buffer. The size of returned
data is placed in the dataSize
.
xmlSecTransformPopXmlMethod ()
int (*xmlSecTransformPopXmlMethod) (xmlSecTransformPtr transform,
xmlSecNodeSetPtr *nodes,
xmlSecTransformCtxPtr transformCtx);
The transform specific method to pop data from previous transform in the chain,
process the data and return result in nodes
.
transform : |
the pointer to transform object. |
nodes : |
the pointer to store popinter to result nodes. |
transformCtx : |
the pointer to transform context object. |
Returns : |
0 on success or a negative value otherwise. |
xmlSecTransformExecuteMethod ()
int (*xmlSecTransformExecuteMethod) (xmlSecTransformPtr transform,
int last,
xmlSecTransformCtxPtr transformCtx);
Transform specific method to process a chunk of data.
transform : |
the pointer to transform object. |
last : |
the flag: if set to 1 then it's the last data chunk. |
transformCtx : |
the pointer to transform context object. |
Returns : |
0 on success or a negative value otherwise. |
struct xmlSecTransformKlass
struct xmlSecTransformKlass {
/* data */
xmlSecSize klassSize;
xmlSecSize objSize;
const xmlChar* name;
const xmlChar* href;
xmlSecTransformUsage usage;
/* methods */
xmlSecTransformInitializeMethod initialize;
xmlSecTransformFinalizeMethod finalize;
xmlSecTransformNodeReadMethod readNode;
xmlSecTransformNodeWriteMethod writeNode;
xmlSecTransformSetKeyRequirementsMethod setKeyReq;
xmlSecTransformSetKeyMethod setKey;
xmlSecTransformVerifyMethod verify;
xmlSecTransformGetDataTypeMethod getDataType;
xmlSecTransformPushBinMethod pushBin;
xmlSecTransformPopBinMethod popBin;
xmlSecTransformPushXmlMethod pushXml;
xmlSecTransformPopXmlMethod popXml;
/* low level method */
xmlSecTransformExecuteMethod execute;
/* reserved for future */
void* reserved0;
void* reserved1;
};
The transform klass desccription structure.
xmlSecTransformKlassGetName()
#define xmlSecTransformKlassGetName(klass)
Macro. Returns transform klass name.
xmlSecTransformIdListId
#define xmlSecTransformIdListId xmlSecTransformIdListGetKlass()
Transform klasses list klass.
xmlSecTransformIdListGetKlass ()
xmlSecPtrListId xmlSecTransformIdListGetKlass (void);
The transform id list klass.
Returns : |
pointer to the transform id list klass. |
xmlSecTransformIdListFind ()
int xmlSecTransformIdListFind (xmlSecPtrListPtr list,
xmlSecTransformId transformId);
Lookups dataId
in list
.
list : |
the pointer to transform ids list. |
transformId : |
the transform klass. |
Returns : |
1 if dataId is found in the list , 0 if not and a negative
value if an error occurs. |
xmlSecTransformIdListFindByHref ()
xmlSecTransformId xmlSecTransformIdListFindByHref (xmlSecPtrListPtr list,
const xmlChar *href,
xmlSecTransformUsage usage);
Lookups data klass in the list with given href
and usage
in list
.
list : |
the pointer to transform ids list. |
href : |
the desired transform klass href. |
usage : |
the desired transform usage. |
Returns : |
transform klass is found and NULL otherwise. |
xmlSecTransformIdListFindByName ()
xmlSecTransformId xmlSecTransformIdListFindByName (xmlSecPtrListPtr list,
const xmlChar *name,
xmlSecTransformUsage usage);
Lookups data klass in the list with given name
and usage
in list
.
list : |
the pointer to transform ids list. |
name : |
the desired transform klass name. |
usage : |
the desired transform usage. |
Returns : |
transform klass is found and NULL otherwise. |
xmlSecTransformIdListDebugDump ()
void xmlSecTransformIdListDebugDump (xmlSecPtrListPtr list,
FILE *output);
Prints binary transform debug information to output
.
list : |
the pointer to transform ids list. |
output : |
the pointer to output FILE. |
xmlSecTransformIdListDebugXmlDump ()
void xmlSecTransformIdListDebugXmlDump (xmlSecPtrListPtr list,
FILE *output);
Prints binary transform debug information to output
in XML format.
list : |
the pointer to transform ids list. |
output : |
the pointer to output FILE. |
xmlSecTransformIdUnknown
#define xmlSecTransformIdUnknown ((xmlSecTransformId)NULL)
The "unknown" transform id (NULL).
xmlSecTransformBase64Id
#define xmlSecTransformBase64Id
The base64 encode transform klass.
xmlSecTransformBase64GetKlass ()
xmlSecTransformId xmlSecTransformBase64GetKlass (void);
The Base64 transform klass (http://www.w3.org/TR/xmldsig-core/sec-Base-64).
The normative specification for base64 decoding transforms is RFC 2045
(http://www.ietf.org/rfc/rfc2045.txt). The base64 Transform element has
no content. The input is decoded by the algorithms. This transform is
useful if an application needs to sign the raw data associated with
the encoded content of an element.
xmlSecTransformBase64SetLineSize ()
void xmlSecTransformBase64SetLineSize (xmlSecTransformPtr transform,
xmlSecSize lineSize);
Sets the max line size to lineSize
.
xmlSecTransformInclC14NId
#define xmlSecTransformInclC14NId
The regular (inclusive) C14N without comments transform klass.
xmlSecTransformInclC14NGetKlass ()
xmlSecTransformId xmlSecTransformInclC14NGetKlass (void);
Inclusive (regular) canonicalization that omits comments transform klass
(http://www.w3.org/TR/xmldsig-core/sec-c14nAlg and
http://www.w3.org/TR/2001/REC-xml-c14n-20010315).
xmlSecTransformInclC14NWithCommentsId
#define xmlSecTransformInclC14NWithCommentsId
The regular (inclusive) C14N with comments transform klass.
xmlSecTransformInclC14NWithCommentsGetKlass ()
xmlSecTransformId xmlSecTransformInclC14NWithCommentsGetKlass
(void);
Inclusive (regular) canonicalization that includes comments transform klass
(http://www.w3.org/TR/xmldsig-core/sec-c14nAlg and
http://www.w3.org/TR/2001/REC-xml-c14n-20010315).
xmlSecTransformInclC14N11Id
#define xmlSecTransformInclC14N11Id
The regular (inclusive) C14N 1.1 without comments transform klass.
xmlSecTransformInclC14N11GetKlass ()
xmlSecTransformId xmlSecTransformInclC14N11GetKlass (void);
C14N version 1.1 (http://www.w3.org/TR/xml-c14n11)
xmlSecTransformInclC14N11WithCommentsId
#define xmlSecTransformInclC14N11WithCommentsId
The regular (inclusive) C14N 1.1 with comments transform klass.
xmlSecTransformInclC14N11WithCommentsGetKlass ()
xmlSecTransformId xmlSecTransformInclC14N11WithCommentsGetKlass
(void);
C14N version 1.1 (http://www.w3.org/TR/xml-c14n11) with comments
Returns : |
c14n v1.1 with comments transform id. |
xmlSecTransformExclC14NId
#define xmlSecTransformExclC14NId
The exclusive C14N without comments transform klass.
xmlSecTransformExclC14NGetKlass ()
xmlSecTransformId xmlSecTransformExclC14NGetKlass (void);
Exclusive canoncicalization that ommits comments transform klass
(http://www.w3.org/TR/xml-exc-c14n/).
xmlSecTransformExclC14NWithCommentsId
#define xmlSecTransformExclC14NWithCommentsId
The exclusive C14N with comments transform klass.
xmlSecTransformExclC14NWithCommentsGetKlass ()
xmlSecTransformId xmlSecTransformExclC14NWithCommentsGetKlass
(void);
Exclusive canoncicalization that includes comments transform klass
(http://www.w3.org/TR/xml-exc-c14n/).
Returns : |
exclusive c14n with comments transform id. |
xmlSecTransformEnvelopedId
#define xmlSecTransformEnvelopedId
The "enveloped" transform klass.
xmlSecTransformEnvelopedGetKlass ()
xmlSecTransformId xmlSecTransformEnvelopedGetKlass (void);
The enveloped transform klass (http://www.w3.org/TR/xmldsig-core/sec-EnvelopedSignature):
An enveloped signature transform T removes the whole Signature element
containing T from the digest calculation of the Reference element
containing T. The entire string of characters used by an XML processor
to match the Signature with the XML production element is removed.
The output of the transform is equivalent to the output that would
result from replacing T with an XPath transform containing the following
XPath parameter element:
<XPath xmlns:dsig="&dsig;">
count(ancestor-or-self::dsig:Signature |
here()
/ancestor::dsig:Signature[1]) >
count(ancestor-or-self::dsig:Signature)</XPath>
The input and output requirements of this transform are identical to
those of the XPath transform, but may only be applied to a node-set from
its parent XML document. Note that it is not necessary to use an XPath
expression evaluator to create this transform. However, this transform
MUST produce output in exactly the same manner as the XPath transform
parameterized by the XPath expression above.
xmlSecTransformXPathId
#define xmlSecTransformXPathId
The XPath transform klass.
xmlSecTransformXPathGetKlass ()
xmlSecTransformId xmlSecTransformXPathGetKlass (void);
The XPath transform evaluates given XPath expression and
intersects the result with the previous nodes set. See
http://www.w3.org/TR/xmldsig-core/sec-XPath for more details.
xmlSecTransformXPath2Id
#define xmlSecTransformXPath2Id
The XPath2 transform klass.
xmlSecTransformXPath2GetKlass ()
xmlSecTransformId xmlSecTransformXPath2GetKlass (void);
The XPath2 transform (http://www.w3.org/TR/xmldsig-filter2/).
xmlSecTransformXPointerId
#define xmlSecTransformXPointerId
The XPointer transform klass.
xmlSecTransformXPointerGetKlass ()
xmlSecTransformId xmlSecTransformXPointerGetKlass (void);
The XPointer transform klass
(http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt).
xmlSecTransformXPointerSetExpr ()
int xmlSecTransformXPointerSetExpr (xmlSecTransformPtr transform,
const xmlChar *expr,
xmlSecNodeSetType nodeSetType,
xmlNodePtr hereNode);
Sets the XPointer expression for an XPointer transform
.
xmlSecTransformXsltId
#define xmlSecTransformXsltId
The XSLT transform klass.
xmlSecTransformXsltGetKlass ()
xmlSecTransformId xmlSecTransformXsltGetKlass (void);
XSLT transform klass (http://www.w3.org/TR/xmldsig-core/sec-XSLT):
The normative specification for XSL Transformations is [XSLT].
Specification of a namespace-qualified stylesheet element, which MUST be
the sole child of the Transform element, indicates that the specified style
sheet should be used. Whether this instantiates in-line processing of local
XSLT declarations within the resource is determined by the XSLT processing
model; the ordered application of multiple stylesheet may require multiple
Transforms. No special provision is made for the identification of a remote
stylesheet at a given URI because it can be communicated via an xsl:include
or xsl:import within the stylesheet child of the Transform.
This transform requires an octet stream as input. If the actual input is an
XPath node-set, then the signature application should attempt to convert it
to octets (apply Canonical XML]) as described in the Reference Processing
Model (section 4.3.3.2).]
The output of this transform is an octet stream. The processing rules for
the XSL style sheet or transform element are stated in the XSLT specification
[XSLT]. We RECOMMEND that XSLT transform authors use an output method of xml
for XML and HTML. As XSLT implementations do not produce consistent
serializations of their output, we further RECOMMEND inserting a transform
after the XSLT transform to canonicalize the output. These steps will help
to ensure interoperability of the resulting signatures among applications
that support the XSLT transform. Note that if the output is actually HTML,
then the result of these steps is logically equivalent [XHTML].
xmlSecTransformRemoveXmlTagsC14NId
#define xmlSecTransformRemoveXmlTagsC14NId
The "remove all xml tags" transform klass (used before base64 transforms).
xmlSecTransformRemoveXmlTagsC14NGetKlass ()
xmlSecTransformId xmlSecTransformRemoveXmlTagsC14NGetKlass
(void);
The "remove xml tags" transform klass (http://www.w3.org/TR/xmldsig-core/sec-Base-64):
Base64 transform requires an octet stream for input. If an XPath node-set
(or sufficiently functional alternative) is given as input, then it is
converted to an octet stream by performing operations logically equivalent
to 1) applying an XPath transform with expression self::text()
, then 2)
taking the string-value of the node-set. Thus, if an XML element is
identified by a barename XPointer in the Reference URI, and its content
consists solely of base64 encoded character data, then this transform
automatically strips away the start and end tags of the identified element
and any of its descendant elements as well as any descendant comments and
processing instructions. The output of this transform is an octet stream.
xmlSecTransformVisa3DHackId
#define xmlSecTransformVisa3DHackId
Selects node subtree by given node id string. The only reason why we need this
is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows
invalid XPointer expressions in the URI attribute. Since we couldn't evaluate
such expressions thru XPath/XPointer engine, we need to have this hack here.
xmlSecTransformVisa3DHackGetKlass ()
xmlSecTransformId xmlSecTransformVisa3DHackGetKlass (void);
The Visa3DHack transform klass. The only reason why we need this
is Visa3D protocol. It doesn't follow XML/XPointer/XMLDSig specs and allows
invalid XPointer expressions in the URI attribute. Since we couldn't evaluate
such expressions thru XPath/XPointer engine, we need to have this hack here.
xmlSecTransformVisa3DHackSetID ()
int xmlSecTransformVisa3DHackSetID (xmlSecTransformPtr transform,
const xmlChar *id);
Sets the ID value for an Visa3DHack transform
.
transform : |
the pointer to Visa3DHack transform. |
id : |
the ID value. |
Returns : |
0 on success or a negative value if an error occurs. |