Tutorial Index
This tutorial explains how to use XML Security Library to perform XML Digital Signature and XML Encryption operations. For the complete API reference, see the XML Security Library API Reference. For code examples, see the XML Security Library Examples.
- Building the library — Building and installing the XML Security Library
- Compiling your application — Compiling and linking your application with XML Security Library
- Initialization and shutdown — Initializing and shutting down the XML Security library and its dependencies
- Signing and encrypting documents — Signing XML documents and encrypting data using templates
- Creating dynamic templates — Programmatically constructing signature and encryption templates
- Verifying and decrypting documents — Verifying signatures and decrypting encrypted documents
- Keys — Key structure and key data objects
- Keys manager — Managing keys with the built-in store, using keys manager for operations, and implementing custom stores
- Using X509 certificates — Signing and verifying with X509 certificates
- Using context objects — Controlling operations and restricting allowed transforms via context objects
- Transforms and transform chains — Transform model and processing pipeline
- Appendix — Signature and Encryption class diagrams
The XML Security Library supports XML Digital Signature and XML Encryption. It is based on LibXML/LibXSLT and can use almost any cryptographic library (currently, there is out-of-the-box support for OpenSSL, Microsoft Crypto API, Microsoft Cryptography API: Next Generation (CNG), GnuTLS, GCrypt, and NSS).
To support different crypto engines, the XML Security Library is split into two parts: the core library (xmlsec) and the crypto library (xmlsec-openssl, xmlsec-mscrypt, xmlsec-mscng, xmlsec-gnutls, xmlsec-gcrypt, xmlsec-nss, ...).
The core library has no dependencies on any crypto library and implements all engines as well as all non-crypto transforms (XML parser, C14N transforms, XPath and XSLT transforms, ...). The XML Security Crypto library implements crypto transforms, crypto key data, and key data stores. An application links against a particular XML Security Crypto library (or even multiple libraries), but the application code itself can still be general enough that switching the crypto engine requires changing only a few #include directives.