xmlsec1/docs/api/xmlsec-notes-encrypt.html

175 lines
6.9 KiB
HTML
Raw Normal View History

2022-11-29 19:07:29 +08:00
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Encrypting data.: XML Security Library Reference Manual</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="index.html" title="XML Security Library Reference Manual">
<link rel="up" href="xmlsec-notes-sign-encrypt.html" title="Signing and encrypting documents.">
<link rel="prev" href="xmlsec-notes-sign.html" title="Signing a document.">
<link rel="next" href="xmlsec-notes-templates.html" title="Creating dynamic templates.">
<meta name="generator" content="GTK-Doc V1.27 (XML mode)">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="5"><tr valign="middle">
<td width="100%" align="left" class="shortcuts"></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="16" height="16" border="0" alt="Home"></a></td>
<td><a accesskey="u" href="xmlsec-notes-sign-encrypt.html"><img src="up.png" width="16" height="16" border="0" alt="Up"></a></td>
<td><a accesskey="p" href="xmlsec-notes-sign.html"><img src="left.png" width="16" height="16" border="0" alt="Prev"></a></td>
<td><a accesskey="n" href="xmlsec-notes-templates.html"><img src="right.png" width="16" height="16" border="0" alt="Next"></a></td>
</tr></table>
<div class="sect1">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="xmlsec-notes-encrypt"></a>Encrypting data.</h2></div></div></div>
<p>The typical encryption process includes following steps:
</p>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem"><p>
Prepare data for encryption.
</p></li>
<li class="listitem"><p>
Create or load encryption template and select start
&lt;enc:EncryptedData/&gt; node.
</p></li>
<li class="listitem"><p>
Create encryption context <a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtx" title="struct xmlSecEncCtx">xmlSecEncCtx</a>
using <a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxCreate" title="xmlSecEncCtxCreate ()">xmlSecEncCtxCreate</a> or
<a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxInitialize" title="xmlSecEncCtxInitialize ()">xmlSecEncCtxInitialize</a>
functions.
</p></li>
<li class="listitem"><p>
Load encryption key in <a class="link" href="xmlsec-keysmngr.html#xmlSecKeysMngr" title="struct xmlSecKeysMngr">keys manager</a>
or generate a session key and set it in the encryption context
(<em class="structfield"><code>encKey</code></em> member of
<a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtx" title="struct xmlSecEncCtx">xmlSecEncCtx</a> structure).
</p></li>
<li class="listitem">
<p>
Encrypt data by calling one of the following functions:
</p>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: circle; ">
<li class="listitem"><p>
<a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxBinaryEncrypt" title="xmlSecEncCtxBinaryEncrypt ()">xmlSecEncCtxBinaryEncrypt</a>
</p></li>
<li class="listitem"><p>
<a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxXmlEncrypt" title="xmlSecEncCtxXmlEncrypt ()">xmlSecEncCtxXmlEncrypt</a>
</p></li>
<li class="listitem"><p>
<a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxUriEncrypt" title="xmlSecEncCtxUriEncrypt ()">xmlSecEncCtxUriEncrypt</a>
</p></li>
</ul></div>
<p>
</p>
</li>
<li class="listitem"><p>
Check returned value and if necessary consume encrypted data.
</p></li>
<li class="listitem"><p>
Destroy encryption context <a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtx" title="struct xmlSecEncCtx">xmlSecEncCtx</a>
using <a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxDestroy" title="xmlSecEncCtxDestroy ()">xmlSecEncCtxDestroy</a> or
<a class="link" href="xmlsec-xmlenc.html#xmlSecEncCtxFinalize" title="xmlSecEncCtxFinalize ()">xmlSecEncCtxFinalize</a>
functions.
</p></li>
</ul></div>
<p>
</p>
<p>
</p>
<div class="example">
<a name="id-1.2.6.4.3.1"></a><p class="title"><b>Example 11. Encrypting binary data with a template.</b></p>
<div class="example-contents">
<pre class="programlisting">
/**
* encrypt_file:
* @tmpl_file: the encryption template file name.
* @key_file: the Triple DES key file.
* @data: the binary data to encrypt.
* @dataSize: the binary data size.
*
* Encrypts binary #data using template from #tmpl_file and DES key from
* #key_file.
*
* Returns 0 on success or a negative value if an error occurs.
*/
int
encrypt_file(const char* tmpl_file, const char* key_file, const unsigned char* data, size_t dataSize) {
xmlDocPtr doc = NULL;
xmlNodePtr node = NULL;
xmlSecEncCtxPtr encCtx = NULL;
int res = -1;
assert(tmpl_file);
assert(key_file);
assert(data);
/* load template */
doc = xmlParseFile(tmpl_file);
if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)){
fprintf(stderr, "Error: unable to parse file \"%s\"\n", tmpl_file);
goto done;
}
/* find start node */
node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeEncryptedData, xmlSecEncNs);
if(node == NULL) {
fprintf(stderr, "Error: start node not found in \"%s\"\n", tmpl_file);
goto done;
}
/* create encryption context, we don't need keys manager in this example */
encCtx = xmlSecEncCtxCreate(NULL);
if(encCtx == NULL) {
fprintf(stderr,"Error: failed to create encryption context\n");
goto done;
}
/* load DES key */
encCtx-&gt;encKey = xmlSecKeyReadBinaryFile(xmlSecKeyDataDesId, key_file);
if(encCtx-&gt;encKey == NULL) {
fprintf(stderr,"Error: failed to load des key from binary file \"%s\"\n", key_file);
goto done;
}
/* set key name to the file name, this is just an example! */
if(xmlSecKeySetName(encCtx-&gt;encKey, key_file) &lt; 0) {
fprintf(stderr,"Error: failed to set key name for key from \"%s\"\n", key_file);
goto done;
}
/* encrypt the data */
if(xmlSecEncCtxBinaryEncrypt(encCtx, node, data, dataSize) &lt; 0) {
fprintf(stderr,"Error: encryption failed\n");
goto done;
}
/* print encrypted data with document to stdout */
xmlDocDump(stdout, doc);
/* success */
res = 0;
done:
/* cleanup */
if(encCtx != NULL) {
xmlSecEncCtxDestroy(encCtx);
}
if(doc != NULL) {
xmlFreeDoc(doc);
}
return(res);
}
</pre>
<p><a class="link" href="xmlsec-encrypt-template-file.html#xmlsec-example-encrypt1" title="encrypt1.c">Full program listing</a></p>
<p><a class="link" href="xmlsec-encrypt-template-file.html#xmlsec-example-encrypt1-tmpl" title="encrypt1-tmpl.xml">Simple encryption template file</a></p>
</div>
</div>
<p><br class="example-break">
</p>
</div>
<div class="footer">
<hr>Generated by GTK-Doc V1.27</div>
</body>
</html>