Details
enum xmlSecKeyInfoMode
/* Operation mode of an xmlSecKeyInfoCtx: the context either reads or writes. */
typedef enum {
    /* Read mode; explicitly assigned the value 0. */
    xmlSecKeyInfoModeRead = 0,
    /* Write mode; takes the next enumerator value (1). */
    xmlSecKeyInfoModeWrite
} xmlSecKeyInfoMode;
The xmlSecKeyInfoCtx operation mode (read or write).
 
XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND
#define XMLSEC_KEYINFO_FLAGS_DONT_STOP_ON_KEY_FOUND             0x00000001
If flag is set then we will continue reading <dsig:KeyInfo />
element even when key is already found.
 
XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD
#define XMLSEC_KEYINFO_FLAGS_STOP_ON_UNKNOWN_CHILD              0x00000002
If flag is set then we abort if an unknown <dsig:KeyInfo />
child is found.
 
XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN
#define XMLSEC_KEYINFO_FLAGS_KEYNAME_STOP_ON_UNKNOWN            0x00000004
If flag is set then we abort if an unknown key name
(content of <dsig:KeyName /> element) is found.
 
XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD
#define XMLSEC_KEYINFO_FLAGS_KEYVALUE_STOP_ON_UNKNOWN_CHILD     0x00000008
If flag is set then we abort if an unknown <dsig:KeyValue />
child is found.
 
XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF
#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_UNKNOWN_HREF    0x00000010
If flag is set then we abort if an unknown href attribute
of <dsig:RetrievalMethod /> element is found.
 
XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF
#define XMLSEC_KEYINFO_FLAGS_RETRMETHOD_STOP_ON_MISMATCH_HREF   0x00000020
If flag is set then we abort if the href attribute of the
<dsig:RetrievalMethod /> element does not match the real key data type.
 
XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD
#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD     0x00000100
If flag is set then we abort if an unknown <dsig:X509Data />
child is found.
 
XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS
#define XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS         0x00000200
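If flag is set then we'll load certificates from <dsig:X509Data />
element without verification. A key obtained this way is not tied to any
trusted certificate chain, so a signature that verifies with it shows only
that the document matches the embedded certificate, not that the signer
is trusted.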
 
XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT
#define XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT      0x00000800
If the flag is set then we'll stop when <dsig:X509Data /> element
processing does not return a verified certificate.
 
XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION
#define XMLSEC_KEYINFO_FLAGS_ENCKEY_DONT_STOP_ON_FAILED_DECRYPTION 0x00001000
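If the flag is set then we'll stop when <enc:EncryptedKey /> element
processing fails. Note that this description reads opposite to the flag's
name (DONT_STOP); confirm the actual behavior against the library source
for the version in use before relying on either.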
 
XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE
#define XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE                 0x00002000
If the flag is set then we'll stop when we find an empty node.
Otherwise we just ignore it.
 
XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS
#define XMLSEC_KEYINFO_FLAGS_X509DATA_SKIP_STRICT_CHECKS        0x00004000
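If the flag is set then we'll skip strict checking of certificates and CRLs.
This page does not say which checks are skipped, so treat the flag as
weakening certificate validation until confirmed against the library source.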
 
struct xmlSecKeyInfoCtx
/*
 * Context used while reading or writing a <dsig:KeyInfo /> element.
 *
 * The fields before the "internal data" comment appear to be the user
 * settings (xmlSecKeyInfoCtxReset is documented as leaving user settings
 * unchanged); the cur* fields and keyReq are grouped as internal data.
 */
struct xmlSecKeyInfoCtx {
    /* Opaque application pointer; presumably not interpreted by the library -- confirm. */
    void*                               userData;
    /* Bit mask; presumably holds the XMLSEC_KEYINFO_FLAGS_* values OR-ed together -- confirm. */
    unsigned int                        flags;
    /* Second flags word; no bits for it are documented on this page. */
    unsigned int                        flags2;
    /* Keys manager; xmlSecKeyInfoCtxCreate documents that this may be NULL. */
    xmlSecKeysMngrPtr                   keysMngr;
    /* Whether this context reads or writes (see xmlSecKeyInfoMode). */
    xmlSecKeyInfoMode                   mode;
    /* NOTE(review): presumably the list of key data classes allowed during
     * KeyInfo processing; restricting it would limit which KeyInfo children
     * can supply a key -- confirm against the library source. */
    xmlSecPtrList                       enabledKeyData;
    /* Presumably the line width used for base64 output when writing -- confirm. */
    int                                 base64LineSize;
    /* RetrievalMethod */
    /* Transform context used for <dsig:RetrievalMethod /> (per the group comment above). */
    xmlSecTransformCtx                  retrievalMethodCtx;
    /* NOTE(review): looks like the upper bound for curRetrievalMethodLevel,
     * i.e. a cap on nested RetrievalMethod processing -- confirm. */
    int                                 maxRetrievalMethodLevel;
    /* EncryptedKey */
    /* Encryption context used for <enc:EncryptedKey /> (per the group comment above). */
    xmlSecEncCtxPtr                     encCtx;
    /* NOTE(review): looks like the upper bound for curEncryptedKeyLevel,
     * i.e. a cap on nested EncryptedKey processing -- confirm. */
    int                                 maxEncryptedKeyLevel;
    /* x509 certificates */
    /* Presumably the point in time at which certificate validity is evaluated -- confirm. */
    time_t                              certsVerificationTime;
    /* Presumably the maximum certificate chain depth accepted during verification -- confirm. */
    int                                 certsVerificationDepth;
    /* PGP */
    void*                               pgpReserved;    /* TODO */
    /* internal data */
    /* Current RetrievalMethod nesting level (internal state, not a user setting). */
    int                                 curRetrievalMethodLevel;
    /* Current EncryptedKey nesting level (internal state, not a user setting). */
    int                                 curEncryptedKeyLevel;
    /* Presumably the requirements the key being searched for must satisfy -- confirm. */
    xmlSecKeyReq                        keyReq;
    /* for the future */
    void*                               reserved0;
    void*                               reserved1;
};
The <dsig:KeyInfo /> reading or writing context.
 
xmlSecKeyInfoCtxCreate ()
xmlSecKeyInfoCtxPtr  xmlSecKeyInfoCtxCreate             (xmlSecKeysMngrPtr keysMngr);
Allocates and initializes <dsig:KeyInfo/> element processing context.
Caller is responsible for freeing it by calling xmlSecKeyInfoCtxDestroy
function.
| keysMngr: |            the pointer to keys manager (may be NULL). | 
| Returns : |  pointer to newly allocated object or NULL if an error occurs. | 
 
xmlSecKeyInfoCtxReset ()
void                xmlSecKeyInfoCtxReset               (xmlSecKeyInfoCtxPtr keyInfoCtx);
Resets the keyInfoCtx state. User settings are not changed.
 
xmlSecKeyInfoCtxCopyUserPref ()
int                 xmlSecKeyInfoCtxCopyUserPref        (xmlSecKeyInfoCtxPtr dst,
                                                         xmlSecKeyInfoCtxPtr src);
Copies user preferences from src context to dst context.
| dst: |                 the pointer to destination context object. | 
| src: |                 the pointer to source context object. | 
| Returns : |  0 on success and a negative value if an error occurs. | 
 
xmlSecKeyInfoCtxDebugDump ()
void                xmlSecKeyInfoCtxDebugDump           (xmlSecKeyInfoCtxPtr keyInfoCtx,
                                                         FILE *output);
Prints user settings and current context state to output.
 
xmlSecKeyInfoCtxDebugXmlDump ()
void                xmlSecKeyInfoCtxDebugXmlDump        (xmlSecKeyInfoCtxPtr keyInfoCtx,
                                                         FILE *output);
Prints user settings and current context state in XML format to output.
 
xmlSecKeyDataNameId
#define xmlSecKeyDataNameId             xmlSecKeyDataNameGetKlass()
The <dsig:KeyName> processing class.
 
xmlSecKeyDataNameGetKlass ()
xmlSecKeyDataId     xmlSecKeyDataNameGetKlass           (void);
The <dsig:KeyName/> element key data klass
(http://www.w3.org/TR/xmldsig-core/sec-KeyName):
The KeyName element contains a string value (in which white space is
significant) which may be used by the signer to communicate a key
identifier to the recipient. Typically, KeyName contains an identifier
related to the key pair used to sign the message, but it may contain
other protocol-related information that indirectly identifies a key pair.
(Common uses of KeyName include simple string names for keys, a key index,
a distinguished name (DN), an email address, etc.)
 
xmlSecKeyDataValueId
#define xmlSecKeyDataValueId            xmlSecKeyDataValueGetKlass()
The <dsig:KeyValue> processing class.
 
xmlSecKeyDataValueGetKlass ()
xmlSecKeyDataId     xmlSecKeyDataValueGetKlass          (void);
The <dsig:KeyValue/> element key data klass
(http://www.w3.org/TR/xmldsig-core/sec-KeyValue):
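The KeyValue element contains a single public key that may be useful in
validating the signature. Because this key is supplied by the document
being validated, a signature verified with it alone shows that the content
matches the key, not that the key belongs to a trusted signer.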
 
xmlSecKeyDataRetrievalMethodId
#define xmlSecKeyDataRetrievalMethodId  xmlSecKeyDataRetrievalMethodGetKlass()
The <dsig:RetrievalMethod> processing class.
 
xmlSecKeyDataRetrievalMethodGetKlass ()
xmlSecKeyDataId     xmlSecKeyDataRetrievalMethodGetKlass
                                                        (void);
The <dsig:RetrievalMethod/> element key data klass
(http://www.w3.org/TR/xmldsig-core/sec-RetrievalMethod):
A RetrievalMethod element within KeyInfo is used to convey a reference to
KeyInfo information that is stored at another location. For example,
several signatures in a document might use a key verified by an X.509v3
certificate chain appearing once in the document or remotely outside the
document; each signature's KeyInfo can reference this chain using a single
RetrievalMethod element instead of including the entire chain with a
sequence of X509Certificate elements.
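RetrievalMethod uses the same syntax and dereferencing behavior as
Reference's URI and The Reference Processing Model. Because the referenced
KeyInfo may be stored outside the document, the location is chosen by whoever
produced the document; applications that handle untrusted input should decide
whether RetrievalMethod processing needs to be enabled at all.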
 
xmlSecKeyDataEncryptedKeyId
#define xmlSecKeyDataEncryptedKeyId     xmlSecKeyDataEncryptedKeyGetKlass()
The <enc:EncryptedKey> processing class.
 
xmlSecKeyDataEncryptedKeyGetKlass ()
xmlSecKeyDataId     xmlSecKeyDataEncryptedKeyGetKlass   (void);
The <enc:EncryptedKey/> element key data klass
(http://www.w3.org/TR/xmlenc-core/sec-EncryptedKey):
The EncryptedKey element is used to transport encryption keys from
the originator to a known recipient(s). It may be used as a stand-alone
XML document, be placed within an application document, or appear inside
an EncryptedData element as a child of a ds:KeyInfo element. The key value
is always encrypted to the recipient(s). When EncryptedKey is decrypted the
resulting octets are made available to the EncryptionMethod algorithm
without any additional processing.