1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Transforms and transforms chain.: XML Security Library Reference Manual</title>
<meta name="generator" content="DocBook XSL Stylesheets Vsnapshot">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes.html" title="Part I. XML Security Library Tutorial">
<link rel="prev" href="xmlsec-notes-verify-x509.html" title="Verifing document signed with X509 certificates.">
<link rel="next" href="xmlsec-notes-contexts.html" title="Using context objects.">
<meta name="generator" content="GTK-Doc V1.34.0 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle">
<td width="100%" align="left" class="shortcuts"></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-notes.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
<td><a accesskey="p" href="xmlsec-notes-verify-x509.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
<td><a accesskey="n" href="xmlsec-notes-contexts.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="chapter">
<div class="titlepage"><div><div><h2 class="title">
<a name="xmlsec-notes-transforms"></a>Transforms and transforms chain.</h2></div></div></div>
<p>XML Digital Signature and XML Encryption standards are
very flexible and provide an XML developer many different ways to
sign or encrypt any part (or even parts) of an XML document.
The key for such great flexibility is the "transforms" model.
Transform is defined as a method of pre-processing binary or XML data
before calculating digest or signature. XML Security Library extends
this definition and names "transform" any operation performed on
the data: reading data from an URI, xml parsing, xml transformation,
calculation digest, encrypting or decrypting. Each XML Security Library
transform provides at least one of the following callbacks:
</p>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem"><p>
<a class="link" href="xmlsec-transforms.html#xmlSecTransformPushBinMethod" title="xmlSecTransformPushBinMethod ()">push binary data</a>;
</p></li>
<li class="listitem"><p>
<a class="link" href="xmlsec-transforms.html#xmlSecTransformPushXmlMethod" title="xmlSecTransformPushXmlMethod ()">push xml data</a>;
</p></li>
<li class="listitem"><p>
<a class="link" href="xmlsec-transforms.html#xmlSecTransformPopBinMethod" title="xmlSecTransformPopBinMethod ()">pop binary data</a>;
</p></li>
<li class="listitem"><p>
<a class="link" href="xmlsec-transforms.html#xmlSecTransformPopXmlMethod" title="xmlSecTransformPopXmlMethod ()">pop xml data</a>.
</p></li>
</ul></div>
<p>
</p>
<p>One additional <a class="link" href="xmlsec-transforms.html#xmlSecTransformExecuteMethod" title="xmlSecTransformExecuteMethod ()">execute</a>
callback was added to simplify the development and reduce code size.
This callback is used by default
implementations of the four external callbacks from the list above.
For example, most of the crypto transforms could be implemented by
just implementing one "execute" callback and using default push/pop
binary data callbacks. However, in some cases using push/pop callbacks
directly is more efficient.
</p>
<div class="figure">
<a name="id-1.2.12.4"></a><p class="title"><b>Figure 9. The XML Security Library transform.</b></p>
<div class="figure-contents"><div align="center"><img src="images/transform.png" align="middle" alt="The XML Security Library transform."></div></div>
</div>
<br class="figure-break"><p>XML Security Library constructs transforms chain according to the
signature/encryption template or signed/encrypted document.
If necessary, XML Security Library inserts XML parser or defaul
canonicalization to ensure that the output data type (binary or XML)
of previous transform matches the input of the next transform.
</p>
<p>The data are processed by pushing through or poping from the chain
depending on the transforms in the chain. For example, then binary
data chunk is pushed through a binary-to-binary transform, it
processes this chunk and pushes the result to the next transform
in the chain.
</p>
<div class="figure">
<a name="id-1.2.12.7"></a><p class="title"><b>Figure 10. Transforms chain created for <dsig:Reference/> element processing.</b></p>
<div class="figure-contents"><div align="center"><img src="images/transforms-chain.png" align="middle" alt="Transforms chain created for <dsig:Reference/> element processing."></div></div>
</div>
<br class="figure-break"><p>
</p>
<div class="example">
<a name="id-1.2.12.8.1"></a><p class="title"><b>Example 23. Walking through transforms chain.</b></p>
<div class="example-contents"><pre class="programlisting">
TODO
</pre></div>
</div>
<p><br class="example-break">
</p>
</div>
<div class="footer">
<hr>Generated by GTK-Doc V1.34.0</div>
</body>
</html>
|
