% This LaTeX document was generated using the LaTeX backend of PlDoc,
% The SWI-Prolog documentation system



\subsection{library(xmldsig): XML Digital signature}

\label{sec:xmldsig}

\begin{tags}
\mtag{See also}- \url{http://www.di-mgt.com.au/xmldsig.html} \\- \url{https://www.bmt-online.org/geekisms/RSA_verify} \\- \url{http://stackoverflow.com/questions/5576777/whats-the-difference-between-nid-sha-and-nid-sha1-in-openssl}
\end{tags}

This library deals with \textit{XMLDSIG}, RSA signed XML documents.\vspace{0.7cm}

\begin{description}
    \predicate[det]{xmld_signed_DOM}{3}{+DOM, -SignedDOM, +Options}
Translate an XML \arg{DOM} structure in a signed version. \arg{Options}:

\begin{description}
    \termitem{key_file}{+File}
\arg{File} holding the private key needed to sign
    \termitem{key_password}{+Password}
String holding the password to op the private key.
\end{description}

The \arg{SignedDOM} must be emitted using \predref{xml_write}{3} or
\predref{xml_write_canonical}{3}. If \predref{xml_write}{3} is used, the option
\verb$layout(false)$ is needed to avoid changing the layout of the
\verb$SignedInfo$ element and the signed \arg{DOM}, which will cause the
signature to be invalid.

    \predicate[det]{xmld_verify_signature}{4}{+DOM, +SignatureDOM, -Certificate, +Options}
Confirm that an \verb$ds:Signature$ element contains a valid
signature. \arg{Certificate} is bound to the certificate that appears
in the element if the signature is valid. It is up to the caller
to determine if the certificate is trusted or not.

\textbf{Note}: The \arg{DOM} and \arg{SignatureDOM} must have been obtained using
the \predref{load_structure}{3} option \verb$keep_prefix(true)$ otherwise it is
impossible to generate an identical document for checking the
signature. See also \predref{xml_write_canonical}{3}.
\end{description}