File: xmlsec-notes-new-crypto-transforms.html

package info (click to toggle)
xmlsec1 1.2.27-2
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 16,072 kB
  • sloc: ansic: 76,139; xml: 14,614; sh: 5,993; makefile: 1,179; perl: 183
file content (192 lines) | stat: -rw-r--r-- 9,049 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
 
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Cryptographic transforms.: XML Security Library Reference Manual</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-new-crypto.html" title="Adding support for new cryptographic library.">
<link rel="prev" href="xmlsec-notes-new-crypto-klasses.html" title="Klasses and objects.">
<link rel="next" href="xmlsec-notes-new-crypto-keys.html" title="Keys data and keys data stores.">
<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
<style type="text/css">
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
    width: 20em;
}
.synopsis, .classsynopsis {
    background: #eeeeee;
    border: solid 1px #aaaaaa;
}
.programlisting {
    background: #eeeeee;
    border: solid 1px #000000;
}
.navigation {
    background: #eeeeee;
    border: solid 1px #000000;
}
.navigation a {
    color: initial;
}
.navigation a:visited {
    color: initial;
}
</style>
<style type="text/css">
table.CALSTABLE > tbody > tr:nth-child(1) > td:nth-child(1) {
    width: 20em;
}
.synopsis, .classsynopsis {
    background: #eeeeee;
    border: solid 1px #aaaaaa;
}
.programlisting {
    background: #eeeeee;
    border: solid 1px #000000;
}
.navigation {
    background: #eeeeee;
    border: solid 1px #000000;
}
.navigation a {
    color: initial;
}
.navigation a:visited {
    color: initial;
}
</style>
</head>
<body><table width="100%" valign="top"><tr valign="top">
<td valign="top" align="left" width="210">
<img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p>
<ul>
<li><a href="../index.html">Home</a></li>
<li><a href="../download.html">Download</a></li>
<li><a href="../news.html">News</a></li>
<li><a href="../documentation.html">Documentation</a></li>
<ul>
<li><a href="../faq.html">FAQ</a></li>
<li><a href="../api/xmlsec-notes.html">Tutorial</a></li>
<li><a href="../api/xmlsec-reference.html">API reference</a></li>
<li><a href="../api/xmlsec-examples.html">Examples</a></li>
</ul>
<li><a href="../xmldsig.html">XML Digital Signature</a></li>
<ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
<li><a href="../xmlenc.html">XML Encryption</a></li>
<li><a href="../c14n.html">XML Canonicalization</a></li>
<li><a href="../bugs.html">Reporting Bugs</a></li>
<li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
<li><a href="../related.html">Related</a></li>
<li><a href="../authors.html">Authors</a></li>
</ul>
<table width="100%">
<tr>
<td width="15"></td>
<td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
</tr>
<tr>
<td width="15"></td>
<td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
</tr>
<tr>
<td width="15"></td>
<td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
</tr>
<!--Links - start--><!--Links - end-->
</table>
</td>
<td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle">
<td width="100%" align="left" class="shortcuts"></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-notes-new-crypto.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
<td><a accesskey="p" href="xmlsec-notes-new-crypto-klasses.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
<td><a accesskey="n" href="xmlsec-notes-new-crypto-keys.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="sect1">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="xmlsec-notes-new-crypto-transforms"></a>Cryptographic transforms.</h2></div></div></div>
<p>The cryptographic transforms (digests, signatures and encryption)
	implementation is the main goal of "xmlsec-&lt;crypto&gt;" library.
	Most of the cryptographic <a class="link" href="xmlsec-notes-transforms.html" title="Transforms and transforms chain.">transforms</a> 
	use default <em class="structfield"><code>pushBin</code></em> and <em class="structfield"><code>popBin</code></em> 
	methods and provide custom <a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a> method. 
	The binary transform <a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a> method 
	processes data from the input buffer
	<em class="structfield"><code>inBuf</code></em> and pushes results to
	<em class="structfield"><code>outBuf</code></em>. The transform should try to
	consume and remove data from <em class="structfield"><code>inBuf</code></em> buffer
	as soon as the data became available. However, it might happen
	that current data size in the input buffer is not enough (for example,
	RSA-PKCS1 algorithm requires that all the data are available in 
	one buffer). In this case, transform might keep the data in the 
	input buffer till the next call to 
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a>
	method. The "last" parameter of the 
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a>
	indicates that transform MUST process all the data in the input buffer
	and return as much as possible in the output buffer. The 
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a> method 
	might be called multiple times with non-zero "last" parameter until 
	the transforms returns nothing
	in the output buffer. In addition, the transform implementation is 
	responsible for managing the transform <em class="structfield"><code>status</code></em> 
	variable.
	</p>
<div class="table">
<a name="id-1.2.14.6.2.13"></a><p class="title"><b>Table 2. Typical transform status managing.</b></p>
<div class="table-contents"><table class="table" summary="Typical transform status managing." border="1">
<colgroup>
<col>
<col>
</colgroup>
<tbody>
<tr>
<td>xmlSecTransformStatusNone</td>
<td>Transform initializes itself (for example, cipher transform 
	generates or reads IV) and sets <em class="structfield"><code>status</code></em> 
	variable to xmlSecTransformStatusWorking.</td>
</tr>
<tr>
<td>xmlSecTransformStatusWorking</td>
<td>Transform process the next (if "last" parameter is zero) or
	last block of data (if "last" parameter is non-zero).
	When transform returns all the data, it sets the 
	<em class="structfield"><code>status</code></em> variable to 
	xmlSecTransformStatusFinished.</td>
</tr>
<tr>
<td>xmlSecTransformStatusFinished</td>
<td>Transform returns no data to indicate that it finished
	processing.</td>
</tr>
</tbody>
</table></div>
</div>
<p><br class="table-break">	
	</p>
<p>In adition to <a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a>
	methods, signature, hmac or digest transforms 
	MUST implement <a class="link" href="xmlsec-transforms.html#xmlSecTransformVerifyMethod" title="xmlSecTransformVerifyMethod ()">verify</a> method. 
	The <a class="link" href="xmlsec-transforms.html#xmlSecTransformVerifyMethod" title="xmlSecTransformVerifyMethod ()">verify</a> method is called
	after transform execution is finished. The 
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformVerifyMethod" title="xmlSecTransformVerifyMethod ()">verify</a> method implementation 
	must set the "status" member to <a class="link" href="xmlsec-transforms.html#xmlSecTransformStatusOk">xmlSecTransformStatusOk</a>
	if signature, hmac or digest is successfuly verified or to
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformStatusFail">xmlSecTransformStatusFail</a>
	otherwise.
	</p>
<p>The transforms that require a key (signature or encryption 
	transforms, for example) MUST imlpement 
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformSetKeyRequirementsMethod" title="xmlSecTransformSetKeyRequirementsMethod ()">setKeyReq</a> 
	(prepares the <a class="link" href="xmlsec-keys.html#xmlSecKeyReq" title="struct xmlSecKeyReq">key requirements</a>
	for key search) and
	<a class="link" href="xmlsec-transforms.html#xmlSecTransformSetKeyMethod" title="xmlSecTransformSetKeyMethod ()">setKey</a> 
	(sets the key in the transform) methods. 
	</p>
</div>
<div class="footer">
<hr>Generated by GTK-Doc V1.27</div>
</td></tr></table></td>
</tr></table></body>
</html>