
Cryptographic Abstraction Layer


Detailed Description

The interface layer between the cryptographic modules and the XML Security library. It has been created to allow users to easily integrate other cryptographic libraries into the XML-Security library.

The XML-Security-C library itself makes calls to this interface layer to perform all cryptographic procedures. In order to instantiate the correct object (i.e. the object that belongs to the correct crypto library), XSEC makes calls to the virtual class XSECCryptoProvider, which returns pointers to particular virtual class objects.

The cryptographic interface has been kept as thin as possible. The classes are not meant to provide a complete wrapper for the cryptographic libraries involved. The application program is expected to deal directly with the chosen library. This ensures that the xml-security library can perform the functions it needs to, but does not constrain the application in what it can do.

Therefore, three types of methods are available on any cryptographic class.

Unless marked otherwise, all methods defined in the XSECCrypto* classes are Required.

The particular instantiation of XSECCryptoProvider that is to be used is set via the XSECPlatformUtils::Initialise() function call. If no provider is passed in, the Initialise function generates an OpenSSLCryptoProvider class for use. If OpenSSL is not available under Windows, the library will use the Windows CAPI instead.

The provider is kept in a global variable, and is used by all signature objects created by a particular application. At this time there is no way to have different signature objects use different CryptoProviders.

Todo:
Add an ability to better handle "optional" functions. The library should make a call to the provider to see whether an optional function (e.g. extract key from X509) has been provided.



Modules

Windows Crypto API Interface
Internal Crypto API Interface

Compounds

class  XSECCryptoBase64
 Base64 encode/decode handler interface class.

class  XSECCryptoException
 Exception class used by the cryptographic modules.

class  XSECCryptoHash
 Interface definition for Hash functions.

class  XSECCryptoKey
 Base interface class for key material.

class  XSECCryptoKeyDSA
 Interface class for DSA keys.

class  XSECCryptoKeyHMAC
 Interface class for HMAC keys.

class  XSECCryptoKeyRSA
 Interface class for RSA keys.

class  XSECCryptoProvider
 The base class that all *CryptoProviders need to implement.

class  XSECCryptoX509
 Interface class for X509 certificates.


Defines

#define CRYPTO_MAX_HASH_SIZE   128
 Maximum length (in bytes) of any expected Digest results.

#define CRYPTO_OID_DSA   "1.2.840.10040.4.1"
 OID For DSA.


Variables

const char * XSECCryptoExceptionStrings []
 Exception strings.


Define Documentation

#define CRYPTO_MAX_HASH_SIZE   128
 

Maximum length (in bytes) of any expected Digest results.

This constant defines the maximum length (in bytes) of HASH returns. We have defined it well above the size we would normally expect.

Todo:
This should really come from each of the providers and should be implemented as a function call to *CryptoProvider.
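
The provider arrangement from the Detailed Description (one process-wide provider handing out objects behind thin virtual interfaces) combined with the size query this Todo proposes, as an added C++ sketch that is not XML-Security-C code. `Hash`, `Provider`, `ToyProvider`, `initialise` and `digest` are hypothetical names, and the toy digest is a constructed stand-in, not a real hash.

```cpp
// Added illustration: all names are hypothetical, not the XML-Security-C API.
#include <cstddef>
#include <cstring>
#include <memory>
#include <stdexcept>
#include <utility>
#include <vector>

constexpr std::size_t kMaxHashSize = 128;  // mirrors CRYPTO_MAX_HASH_SIZE

struct Hash {  // thin interface the library calls
    virtual ~Hash() = default;
    virtual std::size_t digestSize() const = 0;  // the query the Todo proposes
    virtual void update(const unsigned char* p, std::size_t n) = 0;
    virtual void finish(unsigned char* out) = 0;  // writes digestSize() bytes
};
struct Provider {  // one implementation per crypto library
    virtual ~Provider() = default;
    virtual std::unique_ptr<Hash> newHash() const = 0;
};

// Constructed stand-in backend: XOR-folds input, NOT a cryptographic hash.
class ToyHash : public Hash {
    std::vector<unsigned char> state_;
    std::size_t pos_ = 0;
public:
    explicit ToyHash(std::size_t size) : state_(size, 0) {}
    std::size_t digestSize() const override { return state_.size(); }
    void update(const unsigned char* p, std::size_t n) override {
        for (std::size_t i = 0; i < n; ++i) state_[pos_++ % state_.size()] ^= p[i];
    }
    void finish(unsigned char* out) override { std::memcpy(out, state_.data(), state_.size()); }
};
struct ToyProvider : Provider {
    std::size_t size = 20;  // digest length this backend produces
    std::unique_ptr<Hash> newHash() const override { return std::make_unique<ToyHash>(size); }
};
static std::unique_ptr<Provider> g_provider;  // single process-wide provider
void initialise(std::unique_ptr<Provider> p) { g_provider = std::move(p); }

// Library-side caller with a fixed buffer: check the size before finish().
std::size_t digest(const unsigned char* d, std::size_t n, unsigned char (&out)[kMaxHashSize]) {
    if (!g_provider) throw std::logic_error("no provider set");
    std::unique_ptr<Hash> h = g_provider->newHash();
    const std::size_t sz = h->digestSize();
    if (sz == 0 || sz > kMaxHashSize) throw std::length_error("digest does not fit buffer");
    h->update(d, n);
    h->finish(out);
    return sz;
}
```

Without the `digestSize()` check, a provider whose digest is longer than the compile-time constant would write past the caller's buffer in `finish()`.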

#define CRYPTO_OID_DSA   "1.2.840.10040.4.1"
 

OID For DSA.


Variable Documentation

const char* XSECCryptoExceptionStrings[]
 

Exception strings.

Global array of strings that can be looked up using the #type element of an XSECCryptoException to determine a default string for the erro


Generated on Sat Aug 9 18:37:00 2003 for XML-Security-C by doxygen 1.3.2