Git init

[external/xmlsec1.git] / docs / api / chapters / using-keys.sgml

<chapter id="xmlsec-notes-keys">
    <title>Keys.</title>
    <para>A key in XML Security Library is a representation of the 
        <ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo">&lt;dsig:KeyInfo/&gt;</ulink>
        element and consist of several key data objects. 
        The "value" key data usually contains raw key material (or handlers to 
        key material) required to execute particular crypto transform. Other 
        key data objects may contain any additional information about the key. 
        All the key data objects in the key are associated with the same key 
        material. For example, if a DSA key material has both an X509 
        certificate and a PGP data associated with it then such a key can 
        have a DSA key "value" and two key data objects for X509 certificate 
        and PGP key data.
    </para>
    <figure>
        <title>The key structure.</title>
        <graphic fileref="images/key.png" align="center"></graphic>
    </figure>    
    <para>XML Security Library has several "invisible" key data classes. 
        These classes never show up in the keys data list of a key but are used for 
        <ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyInfo">&lt;dsig:KeyInfo/&gt;</ulink>
        children processing (<ulink URL="http://www.w3.org/TR/xmldsig-core/#sec-KeyName">&lt;dsig:KeyName/&gt;</ulink>, 
        &lt;enc:EncryptedKey/&gt;, ...). As with transforms, application might 
        add any new key data objects or replace the default ones.
    </para>
</chapter>