3 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
4 <title>Keys manager.</title>
5 <meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.79">
6 <link rel="HOME" title="XML Security Library Reference Manual" href="index.html">
7 <link rel="UP" title="XML Security Library Tutorial" href="xmlsec-notes.html">
8 <link rel="PREVIOUS" title="Keys." href="xmlsec-notes-keys.html">
9 <link rel="NEXT" title="Simple keys store." href="xmlsec-notes-simple-keys-store.html">
10 <style type="text/css">.synopsis, .classsynopsis {
12 border: solid 1px #aaaaaa;
17 border: solid 1px #aaaaff;
26 border: solid 1px #ffaaaa;
33 .navigation a:visited {
40 <body><table witdh="100%" valign="top"><tr valign="top">
41 <td valign="top" align="left" width="210">
42 <img src="../images/logo.gif" alt="XML Security Library" border="0"><p></p>
44 <li><a href="../index.html">Home</a></li>
45 <li><a href="../download.html">Download</a></li>
46 <li><a href="../news.html">News</a></li>
47 <li><a href="../documentation.html">Documentation</a></li>
49 <li><a href="../faq.html">FAQ</a></li>
50 <li><a href="../api/xmlsec-notes.html">Tutorial</a></li>
51 <li><a href="../api/xmlsec-reference.html">API reference</a></li>
52 <li><a href="../api/xmlsec-examples.html">Examples</a></li>
54 <li><a href="../xmldsig.html">XML Digital Signature</a></li>
55 <ul><li><a href="http://www.aleksey.com/xmlsec/xmldsig-verifier.html">Online Verifier</a></li></ul>
56 <li><a href="../xmlenc.html">XML Encryption</a></li>
57 <li><a href="../c14n.html">XML Canonicalization</a></li>
58 <li><a href="../bugs.html">Reporting Bugs</a></li>
59 <li><a href="http://www.aleksey.com/pipermail/xmlsec">Mailing list</a></li>
60 <li><a href="../related.html">Related</a></li>
61 <li><a href="../authors.html">Authors</a></li>
66 <td><a href="http://xmlsoft.org/"><img src="../images/libxml2-logo.png" alt="LibXML2" border="0"></a></td>
70 <td><a href="http://xmlsoft.org/XSLT"><img src="../images/libxslt-logo.png" alt="LibXSLT" border="0"></a></td>
74 <td><a href="http://www.openssl.org/"><img src="../images/openssl-logo.png" alt="OpenSSL" border="0"></a></td>
76 <!--Links - start--><!--Links - end-->
79 <td valign="top"><table width="100%" valign="top"><tr><td valign="top" align="left" id="xmlsecContent">
80 <table width="100%" class="navigation" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
81 <td><a accesskey="p" href="xmlsec-notes-keys.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
82 <td><a accesskey="u" href="xmlsec-notes.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
83 <td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
84 <th width="100%" align="center">XML Security Library Reference Manual</th>
85 <td><a accesskey="n" href="xmlsec-notes-simple-keys-store.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
89 <a name="XMLSEC-NOTES-KEYSMNGR"></a>Keys manager.</h1>
91 <dt><b>Table of Contents</b></dt>
92 <dt><a href="xmlsec-notes-keysmngr.html#XMLSEC-NOTES-KEYSMNGR-OVERVIEW">Overview.</a></dt>
93 <dt><a href="xmlsec-notes-simple-keys-store.html">Simple keys store.</a></dt>
94 <dt><a href="xmlsec-notes-keys-manager-sign-enc.html">Using keys manager for signatures/encryption.</a></dt>
95 <dt><a href="xmlsec-notes-keys-mngr-verify-decrypt.html">Using keys manager for verification/decryption.</a></dt>
96 <dt><a href="xmlsec-notes-custom-keys-store.html">Implementing a custom keys store.</a></dt>
98 <br clear="all"><div class="SECT1">
99 <h1 class="SECT1"><a name="XMLSEC-NOTES-KEYSMNGR-OVERVIEW">Overview.</a></h1>
100 <p>Processing some of the key data objects require additional
101 information which is global across the application (or in the
102 particular area of the application). For example, X509 certificates
103 processing require a common list of trusted certificates to be
104 available. XML Security Library keeps all the common information
105 for key data processing in a a collection of key data stores called
109 <a name="AEN353"></a><p><b>Figure 1. The keys manager structure.</b></p>
110 <p><img src="images/keysmngr.png" align="CENTER"></p>
112 <p>Keys manager has a special "keys store" which lists the keys
113 known to the application. This "keys store" is used by XML Security
114 Library to lookup keys by name, type and crypto algorithm (for example,
116 <a href="http://www.w3.org/TR/xmldsig-core/#sec-KeyName" target="_top"><dsig:KeyName/></a>
117 processing). The XML Security Library
118 provides default simple "flat list" based implementation of a default keys
119 store. The application can replace it with any other keys store
120 (for example, based on an SQL database).
122 <p>Keys manager is the only object in XML Security Library which
123 is supposed to be shared by many different operations. Usually keys
124 manager is initialized once at the application startup and later is
125 used by XML Security library routines in "read-only" mode. If
126 application or crypto function need to modify any of the key data
127 stores inside keys manager then proper synchronization must be
128 implemented. In the same time, application can create a new keys
129 manager each time it needs to perform XML signature, verification,
130 encryption or decryption.
134 <table class="navigation" width="100%" summary="Navigation footer" cellpadding="2" cellspacing="2"><tr valign="middle">
135 <td align="left"><a accesskey="p" href="xmlsec-notes-keys.html"><b><<< Keys.</b></a></td>
136 <td align="right"><a accesskey="n" href="xmlsec-notes-simple-keys-store.html"><b>Simple keys store. >>></b></a></td>
138 </td></tr></table></td>