docs/api/xmlsec-notes-keysmngr.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Keys manager.</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79">
<link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
<link rel="UP" title="XML Security Library Tutorial" href="xmlsec-notes.html">
<link rel="PREVIOUS" title="Keys." href="xmlsec-notes-keys.html">
<link rel="NEXT" title="Simple keys store." href="xmlsec-notes-simple-keys-store.html">
<style type="text/css">.synopsis, .classsynopsis {
    background: #eeeeee;
    border: solid 1px #aaaaaa;
    padding: 0.5em;
}
.programlisting {
    background: #eeeeff;
    border: solid 1px #aaaaff;
    padding: 0.5em;
}
.variablelist {
    padding: 4px;
    margin-left: 3em;
}
.navigation {
    background: #ffeeee;
    border: solid 1px #ffaaaa;
    margin-top: 0.5em;
    margin-bottom: 0.5em;
}
.navigation a {
    color: #770000;
}
.navigation a:visited {
    color: #550000;
}
.navigation .title {
    font-size: 200%;
}</style>
</head>
<body><table witdh="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p>
<ul>
<li><a href="../index.html">Home</a></li>
<li><a href="../download.html">Download</a></li>
<li><a href="../news.html">News</a></li>
<li><a href="../documentation.html">Documentation</a></li>
<ul>
<li><a href="../faq.html">FAQ</a></li>
<li><a href="../api/xmlsec-notes.html">Tutorial</a></li>
<li><a href="../api/xmlsec-reference.html">API reference</a></li>
<li><a href="../api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="../xmldsig.html">XML Digital Signature</a></li>
<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="../xmlenc.html">XML Encryption</a></li>
<li><a href="../c14n.html">XML Canonicalization</a></li>
<li><a href="../bugs.html">Reporting Bugs</a></li>
<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
<li><a href="../related.html">Related</a></li>
<li><a href="../authors.html">Authors</a></li>
</ul>
<table width="100%">
<tr>
<td width="15"></td>
<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
</tr>
<tr>
<td width="15"></td>
<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
</tr>
<tr>
<td width="15"></td>
<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
</tr>
<!--Links - start--><!--Links - end-->
</table>
</td>
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
<table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
<td><a accesskey="p" href="xmlsec-notes-keys.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
<td><a accesskey="u" href="xmlsec-notes.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
<th width="100%" align="center">XML Security Library Reference Manual</th>
<td><a accesskey="n" href="xmlsec-notes-simple-keys-store.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
</tr></table>
<div class="CHAPTER">
<h1>
<a name="XMLSEC-NOTES-KEYSMNGR"></a>Keys manager.</h1>
<div class="TOC"><dl>
<dt><b>Table of Contents</b></dt>
<dt><a href="xmlsec-notes-keysmngr.html#XMLSEC-NOTES-KEYSMNGR-OVERVIEW">Overview.</a></dt>
<dt><a href="xmlsec-notes-simple-keys-store.html">Simple keys store.</a></dt>
<dt><a href="xmlsec-notes-keys-manager-sign-enc.html">Using keys manager for signatures/encryption.</a></dt>
<dt><a href="xmlsec-notes-keys-mngr-verify-decrypt.html">Using keys manager for verification/decryption.</a></dt>
<dt><a href="xmlsec-notes-custom-keys-store.html">Implementing a custom keys store.</a></dt>
</dl></div>
<br clear="all"><div class="SECT1">
<h1 class="SECT1"><a name="XMLSEC-NOTES-KEYSMNGR-OVERVIEW">Overview.</a></h1>
<p>Processing some of the key data objects require additional 
	information which is global across the application (or in the 
	particular area of the application). For example, X509 certificates 
	processing require a common list of trusted certificates to be 
	available. XML Security Library keeps all the common information 
	for key data processing in a a collection of key data stores called 
	"keys manager".
        </p>
<div class="FIGURE">
<a name="AEN353"></a><p><b>Figure 1. The keys manager structure.</b></p>
<p><img src="images/keysmngr.png" align="CENTER"></p>
</div>
<p>Keys manager has a special "keys store" which lists the keys 
	known to the application. This "keys store" is used by XML Security 
	Library to lookup keys by name, type and crypto algorithm (for example,
	during 
    	<a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top">&lt;dsig:KeyName/&gt;</a>
	processing). The XML Security Library 
	provides default simple "flat list" based implementation of a default keys 
	store. The application can replace it with any other keys store 
	(for example, based on an SQL database).
	</p>
<p>Keys manager is the only object in XML Security Library which 
	is supposed to be shared by many different operations. Usually keys 
	manager is initialized once at the application startup and later is 
	used by XML Security library routines in "read-only" mode. If 
	application or crypto function need to modify any of the key data 
	stores inside keys manager then proper synchronization must be 
	implemented. In the same time, application can create a new keys 
	manager each time it needs to perform XML signature, verification, 
	encryption or decryption.
	</p>
</div>
</div>
<table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
<td align="left"><a accesskey="p" href="xmlsec-notes-keys.html"><b>&lt;&lt;&lt; Keys.</b></a></td>
<td align="right"><a accesskey="n" href="xmlsec-notes-simple-keys-store.html"><b>Simple keys store. &gt;&gt;&gt;</b></a></td>
</tr></table>
</td></tr></table></td>
</tr></table></body>
</html>