blob: c2c90f500724919a1f9a66193ed2950ad3b5901b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
<chapter id="xmlsec-notes-keys">
<title>Keys.</title>
<para>A key in XML Security Library is a representation of the
<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo"><dsig:KeyInfo/></ulink>
element and consist of several key data objects.
The "value" key data usually contains raw key material (or handlers to
key material) required to execute particular crypto transform. Other
key data objects may contain any additional information about the key.
All the key data objects in the key are associated with the same key
material. For example, if a DSA key material has both an X509
certificate and a PGP data associated with it then such a key can
have a DSA key "value" and two key data objects for X509 certificate
and PGP key data.
</para>
<figure>
<title>The key structure.</title>
<graphic fileref="images/key.png" align="center"></graphic>
</figure>
<para>XML Security Library has several "invisible" key data classes.
These classes never show up in the keys data list of a key but are used for
<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo"><dsig:KeyInfo/></ulink>
children processing (<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyName"><dsig:KeyName/></ulink>,
<enc:EncryptedKey/>, ...). As with transforms, application might
add any new key data objects or replace the default ones.
</para>
</chapter>
|