1ae771770SStanislav Sedov<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 2ae771770SStanislav Sedov<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> 3ae771770SStanislav Sedov<title>Heimdalx509library: hx509 CMS/pkcs7 functions</title> 4ae771770SStanislav Sedov<link href="doxygen.css" rel="stylesheet" type="text/css"> 5ae771770SStanislav Sedov<link href="tabs.css" rel="stylesheet" type="text/css"> 6ae771770SStanislav Sedov</head><body> 7ae771770SStanislav Sedov<p> 8ae771770SStanislav Sedov<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a> 9ae771770SStanislav Sedov</p> 10ae771770SStanislav Sedov<!-- end of header marker --> 11ae771770SStanislav Sedov<!-- Generated by Doxygen 1.5.6 --> 12ae771770SStanislav Sedov<div class="navigation" id="top"> 13ae771770SStanislav Sedov <div class="tabs"> 14ae771770SStanislav Sedov <ul> 15ae771770SStanislav Sedov <li><a href="index.html"><span>Main Page</span></a></li> 16ae771770SStanislav Sedov <li><a href="pages.html"><span>Related Pages</span></a></li> 17ae771770SStanislav Sedov <li><a href="modules.html"><span>Modules</span></a></li> 18ae771770SStanislav Sedov </ul> 19ae771770SStanislav Sedov </div> 20ae771770SStanislav Sedov</div> 21ae771770SStanislav Sedov<div class="contents"> 22ae771770SStanislav Sedov<h1>hx509 CMS/pkcs7 functions</h1><table border="0" cellpadding="0" cellspacing="0"> 23ae771770SStanislav Sedov<tr><td></td></tr> 24ae771770SStanislav Sedov<tr><td colspan="2"><br><h2>Functions</h2></td></tr> 25ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g59a1f6dc31e384a0d378c8179f2be9c3">hx509_cms_wrap_ContentInfo</a> (const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)</td></tr> 26ae771770SStanislav Sedov 27ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap 
align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gacbd636f3053c560782d83251f42b71a">hx509_cms_unwrap_ContentInfo</a> (const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)</td></tr> 28ae771770SStanislav Sedov 29ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gb13d28bf986e3b66c05e7e33799be07b">hx509_cms_unenvelope</a> (hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)</td></tr> 30ae771770SStanislav Sedov 31ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g618f32b35fa6f679cc5f32fb8abdbe85">hx509_cms_envelope_1</a> (hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)</td></tr> 32ae771770SStanislav Sedov 33ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gedaf18507474021a8d092ca6ac90a1ad">hx509_cms_verify_signed</a> (hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)</td></tr> 34ae771770SStanislav Sedov 35ae771770SStanislav Sedov<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" 
href="group__hx509__cms.html#g8dfb6d8d72f6a71caffaf11b9d847921">hx509_cms_create_signed_1</a> (hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)</td></tr> 36ae771770SStanislav Sedov 37ae771770SStanislav Sedov</table> 38ae771770SStanislav Sedov<hr><a name="_details"></a><h2>Detailed Description</h2> 39ae771770SStanislav SedovSee the <a class="el" href="page_cms.html">CMS/PKCS7 message functions.</a> for description and examples. <hr><h2>Function Documentation</h2> 40ae771770SStanislav Sedov<a class="anchor" name="g8dfb6d8d72f6a71caffaf11b9d847921"></a><!-- doxytag: member="cms.c::hx509_cms_create_signed_1" ref="g8dfb6d8d72f6a71caffaf11b9d847921" args="(hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)" --> 41ae771770SStanislav Sedov<div class="memitem"> 42ae771770SStanislav Sedov<div class="memproto"> 43ae771770SStanislav Sedov <table class="memname"> 44ae771770SStanislav Sedov <tr> 45ae771770SStanislav Sedov <td class="memname">int hx509_cms_create_signed_1 </td> 46ae771770SStanislav Sedov <td>(</td> 47ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 48ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 49ae771770SStanislav Sedov </tr> 50ae771770SStanislav Sedov <tr> 51ae771770SStanislav Sedov <td class="paramkey"></td> 52ae771770SStanislav Sedov <td></td> 53ae771770SStanislav Sedov <td class="paramtype">int </td> 54ae771770SStanislav Sedov <td class="paramname"> <em>flags</em>, </td> 55ae771770SStanislav Sedov </tr> 56ae771770SStanislav Sedov <tr> 57ae771770SStanislav Sedov <td class="paramkey"></td> 58ae771770SStanislav Sedov <td></td> 
59ae771770SStanislav Sedov <td class="paramtype">const heim_oid * </td> 60ae771770SStanislav Sedov <td class="paramname"> <em>eContentType</em>, </td> 61ae771770SStanislav Sedov </tr> 62ae771770SStanislav Sedov <tr> 63ae771770SStanislav Sedov <td class="paramkey"></td> 64ae771770SStanislav Sedov <td></td> 65ae771770SStanislav Sedov <td class="paramtype">const void * </td> 66ae771770SStanislav Sedov <td class="paramname"> <em>data</em>, </td> 67ae771770SStanislav Sedov </tr> 68ae771770SStanislav Sedov <tr> 69ae771770SStanislav Sedov <td class="paramkey"></td> 70ae771770SStanislav Sedov <td></td> 71ae771770SStanislav Sedov <td class="paramtype">size_t </td> 72ae771770SStanislav Sedov <td class="paramname"> <em>length</em>, </td> 73ae771770SStanislav Sedov </tr> 74ae771770SStanislav Sedov <tr> 75ae771770SStanislav Sedov <td class="paramkey"></td> 76ae771770SStanislav Sedov <td></td> 77ae771770SStanislav Sedov <td class="paramtype">const AlgorithmIdentifier * </td> 78ae771770SStanislav Sedov <td class="paramname"> <em>digest_alg</em>, </td> 79ae771770SStanislav Sedov </tr> 80ae771770SStanislav Sedov <tr> 81ae771770SStanislav Sedov <td class="paramkey"></td> 82ae771770SStanislav Sedov <td></td> 83ae771770SStanislav Sedov <td class="paramtype">hx509_cert </td> 84ae771770SStanislav Sedov <td class="paramname"> <em>cert</em>, </td> 85ae771770SStanislav Sedov </tr> 86ae771770SStanislav Sedov <tr> 87ae771770SStanislav Sedov <td class="paramkey"></td> 88ae771770SStanislav Sedov <td></td> 89ae771770SStanislav Sedov <td class="paramtype">hx509_peer_info </td> 90ae771770SStanislav Sedov <td class="paramname"> <em>peer</em>, </td> 91ae771770SStanislav Sedov </tr> 92ae771770SStanislav Sedov <tr> 93ae771770SStanislav Sedov <td class="paramkey"></td> 94ae771770SStanislav Sedov <td></td> 95ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 96ae771770SStanislav Sedov <td class="paramname"> <em>anchors</em>, </td> 97ae771770SStanislav Sedov </tr> 98ae771770SStanislav 
Sedov <tr> 99ae771770SStanislav Sedov <td class="paramkey"></td> 100ae771770SStanislav Sedov <td></td> 101ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 102ae771770SStanislav Sedov <td class="paramname"> <em>pool</em>, </td> 103ae771770SStanislav Sedov </tr> 104ae771770SStanislav Sedov <tr> 105ae771770SStanislav Sedov <td class="paramkey"></td> 106ae771770SStanislav Sedov <td></td> 107ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 108ae771770SStanislav Sedov <td class="paramname"> <em>signed_data</em></td><td> </td> 109ae771770SStanislav Sedov </tr> 110ae771770SStanislav Sedov <tr> 111ae771770SStanislav Sedov <td></td> 112ae771770SStanislav Sedov <td>)</td> 113ae771770SStanislav Sedov <td></td><td></td><td></td> 114ae771770SStanislav Sedov </tr> 115ae771770SStanislav Sedov </table> 116ae771770SStanislav Sedov</div> 117ae771770SStanislav Sedov<div class="memdoc"> 118ae771770SStanislav Sedov 119ae771770SStanislav Sedov<p> 120ae771770SStanislav SedovDecode SignedData and verify that the signature is correct.<p> 121ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 122ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 123ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 124ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td></td></tr> 125ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>eContentType</em> </td><td>the type of the data. </td></tr> 126ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>data to sign </td></tr> 127ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data point to. 
</td></tr> 128ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>digest_alg</em> </td><td>digest algorithm to use; pass NULL to get the default or the peer-determined algorithm. </td></tr> 129ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>certificate to use for signing the data. </td></tr> 130ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>peer</em> </td><td>info about the peer to send the message to, like what digest algorithm to use. </td></tr> 131ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>anchors</em> </td><td>trust anchors that the client will use, used to populate the certificates included in the message. </td></tr> 132ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>pool</em> </td><td>certificates to use when trying to build the path to the trust anchors. </td></tr> 133ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>signed_data</em> </td><td>the output of the function, free with der_free_octet_string(). 
</td></tr> 134ae771770SStanislav Sedov </table> 135ae771770SStanislav Sedov</dl> 136ae771770SStanislav Sedov 137ae771770SStanislav Sedov</div> 138ae771770SStanislav Sedov</div><p> 139ae771770SStanislav Sedov<a class="anchor" name="g618f32b35fa6f679cc5f32fb8abdbe85"></a><!-- doxytag: member="cms.c::hx509_cms_envelope_1" ref="g618f32b35fa6f679cc5f32fb8abdbe85" args="(hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)" --> 140ae771770SStanislav Sedov<div class="memitem"> 141ae771770SStanislav Sedov<div class="memproto"> 142ae771770SStanislav Sedov <table class="memname"> 143ae771770SStanislav Sedov <tr> 144ae771770SStanislav Sedov <td class="memname">int hx509_cms_envelope_1 </td> 145ae771770SStanislav Sedov <td>(</td> 146ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 147ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 148ae771770SStanislav Sedov </tr> 149ae771770SStanislav Sedov <tr> 150ae771770SStanislav Sedov <td class="paramkey"></td> 151ae771770SStanislav Sedov <td></td> 152ae771770SStanislav Sedov <td class="paramtype">int </td> 153ae771770SStanislav Sedov <td class="paramname"> <em>flags</em>, </td> 154ae771770SStanislav Sedov </tr> 155ae771770SStanislav Sedov <tr> 156ae771770SStanislav Sedov <td class="paramkey"></td> 157ae771770SStanislav Sedov <td></td> 158ae771770SStanislav Sedov <td class="paramtype">hx509_cert </td> 159ae771770SStanislav Sedov <td class="paramname"> <em>cert</em>, </td> 160ae771770SStanislav Sedov </tr> 161ae771770SStanislav Sedov <tr> 162ae771770SStanislav Sedov <td class="paramkey"></td> 163ae771770SStanislav Sedov <td></td> 164ae771770SStanislav Sedov <td class="paramtype">const void * </td> 165ae771770SStanislav Sedov <td class="paramname"> <em>data</em>, </td> 166ae771770SStanislav Sedov </tr> 167ae771770SStanislav Sedov <tr> 168ae771770SStanislav Sedov <td 
class="paramkey"></td> 169ae771770SStanislav Sedov <td></td> 170ae771770SStanislav Sedov <td class="paramtype">size_t </td> 171ae771770SStanislav Sedov <td class="paramname"> <em>length</em>, </td> 172ae771770SStanislav Sedov </tr> 173ae771770SStanislav Sedov <tr> 174ae771770SStanislav Sedov <td class="paramkey"></td> 175ae771770SStanislav Sedov <td></td> 176ae771770SStanislav Sedov <td class="paramtype">const heim_oid * </td> 177ae771770SStanislav Sedov <td class="paramname"> <em>encryption_type</em>, </td> 178ae771770SStanislav Sedov </tr> 179ae771770SStanislav Sedov <tr> 180ae771770SStanislav Sedov <td class="paramkey"></td> 181ae771770SStanislav Sedov <td></td> 182ae771770SStanislav Sedov <td class="paramtype">const heim_oid * </td> 183ae771770SStanislav Sedov <td class="paramname"> <em>contentType</em>, </td> 184ae771770SStanislav Sedov </tr> 185ae771770SStanislav Sedov <tr> 186ae771770SStanislav Sedov <td class="paramkey"></td> 187ae771770SStanislav Sedov <td></td> 188ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 189ae771770SStanislav Sedov <td class="paramname"> <em>content</em></td><td> </td> 190ae771770SStanislav Sedov </tr> 191ae771770SStanislav Sedov <tr> 192ae771770SStanislav Sedov <td></td> 193ae771770SStanislav Sedov <td>)</td> 194ae771770SStanislav Sedov <td></td><td></td><td></td> 195ae771770SStanislav Sedov </tr> 196ae771770SStanislav Sedov </table> 197ae771770SStanislav Sedov</div> 198ae771770SStanislav Sedov<div class="memdoc"> 199ae771770SStanislav Sedov 200ae771770SStanislav Sedov<p> 201ae771770SStanislav SedovEncrypt and encode EnvelopedData.<p> 202ae771770SStanislav SedovEncrypt and encode EnvelopedData. The data is encrypted with a random key and the random key is encrypted with the certificate's private key. 
This limits the private key type that can be used to RSA.<p> 203ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 204ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 205ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 206ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>flags to control the behavior.<ul> 207ae771770SStanislav Sedov<li>HX509_CMS_EV_NO_KU_CHECK - Don't check KU on certificate</li><li>HX509_CMS_EV_ALLOW_WEAK - Allow weak crypto</li><li>HX509_CMS_EV_ID_NAME - prefer issuer name and serial number </li></ul> 208ae771770SStanislav Sedov</td></tr> 209ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>Certificate to encrypt the EnvelopedData encryption key with. </td></tr> 210ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to the data to encrypt. </td></tr> 211ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. </td></tr> 212ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>encryption_type</em> </td><td>Encryption cipher to use for the bulk data, use NULL to get default. </td></tr> 213ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>contentType</em> </td><td>type of the data that is encrypted </td></tr> 214ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>content</em> </td><td>the output of the function, free with der_free_octet_string(). 
</td></tr> 215ae771770SStanislav Sedov </table> 216ae771770SStanislav Sedov</dl> 217ae771770SStanislav Sedov 218ae771770SStanislav Sedov</div> 219ae771770SStanislav Sedov</div><p> 220ae771770SStanislav Sedov<a class="anchor" name="gb13d28bf986e3b66c05e7e33799be07b"></a><!-- doxytag: member="cms.c::hx509_cms_unenvelope" ref="gb13d28bf986e3b66c05e7e33799be07b" args="(hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)" --> 221ae771770SStanislav Sedov<div class="memitem"> 222ae771770SStanislav Sedov<div class="memproto"> 223ae771770SStanislav Sedov <table class="memname"> 224ae771770SStanislav Sedov <tr> 225ae771770SStanislav Sedov <td class="memname">int hx509_cms_unenvelope </td> 226ae771770SStanislav Sedov <td>(</td> 227ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 228ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 229ae771770SStanislav Sedov </tr> 230ae771770SStanislav Sedov <tr> 231ae771770SStanislav Sedov <td class="paramkey"></td> 232ae771770SStanislav Sedov <td></td> 233ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 234ae771770SStanislav Sedov <td class="paramname"> <em>certs</em>, </td> 235ae771770SStanislav Sedov </tr> 236ae771770SStanislav Sedov <tr> 237ae771770SStanislav Sedov <td class="paramkey"></td> 238ae771770SStanislav Sedov <td></td> 239ae771770SStanislav Sedov <td class="paramtype">int </td> 240ae771770SStanislav Sedov <td class="paramname"> <em>flags</em>, </td> 241ae771770SStanislav Sedov </tr> 242ae771770SStanislav Sedov <tr> 243ae771770SStanislav Sedov <td class="paramkey"></td> 244ae771770SStanislav Sedov <td></td> 245ae771770SStanislav Sedov <td class="paramtype">const void * </td> 246ae771770SStanislav Sedov <td class="paramname"> <em>data</em>, </td> 247ae771770SStanislav Sedov </tr> 248ae771770SStanislav Sedov <tr> 
249ae771770SStanislav Sedov <td class="paramkey"></td> 250ae771770SStanislav Sedov <td></td> 251ae771770SStanislav Sedov <td class="paramtype">size_t </td> 252ae771770SStanislav Sedov <td class="paramname"> <em>length</em>, </td> 253ae771770SStanislav Sedov </tr> 254ae771770SStanislav Sedov <tr> 255ae771770SStanislav Sedov <td class="paramkey"></td> 256ae771770SStanislav Sedov <td></td> 257ae771770SStanislav Sedov <td class="paramtype">const heim_octet_string * </td> 258ae771770SStanislav Sedov <td class="paramname"> <em>encryptedContent</em>, </td> 259ae771770SStanislav Sedov </tr> 260ae771770SStanislav Sedov <tr> 261ae771770SStanislav Sedov <td class="paramkey"></td> 262ae771770SStanislav Sedov <td></td> 263ae771770SStanislav Sedov <td class="paramtype">time_t </td> 264ae771770SStanislav Sedov <td class="paramname"> <em>time_now</em>, </td> 265ae771770SStanislav Sedov </tr> 266ae771770SStanislav Sedov <tr> 267ae771770SStanislav Sedov <td class="paramkey"></td> 268ae771770SStanislav Sedov <td></td> 269ae771770SStanislav Sedov <td class="paramtype">heim_oid * </td> 270ae771770SStanislav Sedov <td class="paramname"> <em>contentType</em>, </td> 271ae771770SStanislav Sedov </tr> 272ae771770SStanislav Sedov <tr> 273ae771770SStanislav Sedov <td class="paramkey"></td> 274ae771770SStanislav Sedov <td></td> 275ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 276ae771770SStanislav Sedov <td class="paramname"> <em>content</em></td><td> </td> 277ae771770SStanislav Sedov </tr> 278ae771770SStanislav Sedov <tr> 279ae771770SStanislav Sedov <td></td> 280ae771770SStanislav Sedov <td>)</td> 281ae771770SStanislav Sedov <td></td><td></td><td></td> 282ae771770SStanislav Sedov </tr> 283ae771770SStanislav Sedov </table> 284ae771770SStanislav Sedov</div> 285ae771770SStanislav Sedov<div class="memdoc"> 286ae771770SStanislav Sedov 287ae771770SStanislav Sedov<p> 288ae771770SStanislav SedovDecode and unencrypt EnvelopedData.<p> 289ae771770SStanislav SedovExtract data 
and parameters from the EnvelopedData. Also supports using detached EnvelopedData.<p> 290ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 291ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 292ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 293ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>certs</em> </td><td>Certificate that can decrypt the EnvelopedData encryption key. </td></tr> 294ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>HX509_CMS_UE flags to control the behavior. </td></tr> 295ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to the structure that contains the DER/BER encoded EnvelopedData structure. </td></tr> 296ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. </td></tr> 297ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>encryptedContent</em> </td><td>in case of detached signature, this contains the actual encrypted data, otherwise it should be NULL. </td></tr> 298ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>time_now</em> </td><td>set the current time, if zero the library uses now as the date. </td></tr> 299ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>contentType</em> </td><td>output type oid, should be freed with der_free_oid(). </td></tr> 300ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>content</em> </td><td>the data, free with der_free_octet_string(). 
</td></tr> 301ae771770SStanislav Sedov </table> 302ae771770SStanislav Sedov</dl> 303ae771770SStanislav Sedov 304ae771770SStanislav Sedov</div> 305ae771770SStanislav Sedov</div><p> 306ae771770SStanislav Sedov<a class="anchor" name="gacbd636f3053c560782d83251f42b71a"></a><!-- doxytag: member="cms.c::hx509_cms_unwrap_ContentInfo" ref="gacbd636f3053c560782d83251f42b71a" args="(const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)" --> 307ae771770SStanislav Sedov<div class="memitem"> 308ae771770SStanislav Sedov<div class="memproto"> 309ae771770SStanislav Sedov <table class="memname"> 310ae771770SStanislav Sedov <tr> 311ae771770SStanislav Sedov <td class="memname">int hx509_cms_unwrap_ContentInfo </td> 312ae771770SStanislav Sedov <td>(</td> 313ae771770SStanislav Sedov <td class="paramtype">const heim_octet_string * </td> 314ae771770SStanislav Sedov <td class="paramname"> <em>in</em>, </td> 315ae771770SStanislav Sedov </tr> 316ae771770SStanislav Sedov <tr> 317ae771770SStanislav Sedov <td class="paramkey"></td> 318ae771770SStanislav Sedov <td></td> 319ae771770SStanislav Sedov <td class="paramtype">heim_oid * </td> 320ae771770SStanislav Sedov <td class="paramname"> <em>oid</em>, </td> 321ae771770SStanislav Sedov </tr> 322ae771770SStanislav Sedov <tr> 323ae771770SStanislav Sedov <td class="paramkey"></td> 324ae771770SStanislav Sedov <td></td> 325ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 326ae771770SStanislav Sedov <td class="paramname"> <em>out</em>, </td> 327ae771770SStanislav Sedov </tr> 328ae771770SStanislav Sedov <tr> 329ae771770SStanislav Sedov <td class="paramkey"></td> 330ae771770SStanislav Sedov <td></td> 331ae771770SStanislav Sedov <td class="paramtype">int * </td> 332ae771770SStanislav Sedov <td class="paramname"> <em>have_data</em></td><td> </td> 333ae771770SStanislav Sedov </tr> 334ae771770SStanislav Sedov <tr> 335ae771770SStanislav Sedov <td></td> 336ae771770SStanislav Sedov <td>)</td> 
337ae771770SStanislav Sedov <td></td><td></td><td></td> 338ae771770SStanislav Sedov </tr> 339ae771770SStanislav Sedov </table> 340ae771770SStanislav Sedov</div> 341ae771770SStanislav Sedov<div class="memdoc"> 342ae771770SStanislav Sedov 343ae771770SStanislav Sedov<p> 344ae771770SStanislav SedovDecode a ContentInfo and unwrap the data and oid from it.<p> 345ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 346ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 347ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>in</em> </td><td>the encoded buffer. </td></tr> 348ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>oid</em> </td><td>type of the content. </td></tr> 349ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>out</em> </td><td>data to be wrapped. </td></tr> 350ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>have_data</em> </td><td>since the data is optional, this flag shows the difference between no data and zero-length data.</td></tr> 351ae771770SStanislav Sedov </table> 352ae771770SStanislav Sedov</dl> 353ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns an hx509 error code. 
</dd></dl> 354ae771770SStanislav Sedov 355ae771770SStanislav Sedov</div> 356ae771770SStanislav Sedov</div><p> 357ae771770SStanislav Sedov<a class="anchor" name="gedaf18507474021a8d092ca6ac90a1ad"></a><!-- doxytag: member="cms.c::hx509_cms_verify_signed" ref="gedaf18507474021a8d092ca6ac90a1ad" args="(hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)" --> 358ae771770SStanislav Sedov<div class="memitem"> 359ae771770SStanislav Sedov<div class="memproto"> 360ae771770SStanislav Sedov <table class="memname"> 361ae771770SStanislav Sedov <tr> 362ae771770SStanislav Sedov <td class="memname">int hx509_cms_verify_signed </td> 363ae771770SStanislav Sedov <td>(</td> 364ae771770SStanislav Sedov <td class="paramtype">hx509_context </td> 365ae771770SStanislav Sedov <td class="paramname"> <em>context</em>, </td> 366ae771770SStanislav Sedov </tr> 367ae771770SStanislav Sedov <tr> 368ae771770SStanislav Sedov <td class="paramkey"></td> 369ae771770SStanislav Sedov <td></td> 370ae771770SStanislav Sedov <td class="paramtype">hx509_verify_ctx </td> 371ae771770SStanislav Sedov <td class="paramname"> <em>ctx</em>, </td> 372ae771770SStanislav Sedov </tr> 373ae771770SStanislav Sedov <tr> 374ae771770SStanislav Sedov <td class="paramkey"></td> 375ae771770SStanislav Sedov <td></td> 376ae771770SStanislav Sedov <td class="paramtype">unsigned int </td> 377ae771770SStanislav Sedov <td class="paramname"> <em>flags</em>, </td> 378ae771770SStanislav Sedov </tr> 379ae771770SStanislav Sedov <tr> 380ae771770SStanislav Sedov <td class="paramkey"></td> 381ae771770SStanislav Sedov <td></td> 382ae771770SStanislav Sedov <td class="paramtype">const void * </td> 383ae771770SStanislav Sedov <td class="paramname"> <em>data</em>, </td> 384ae771770SStanislav Sedov </tr> 385ae771770SStanislav Sedov <tr> 386ae771770SStanislav Sedov <td 
class="paramkey"></td> 387ae771770SStanislav Sedov <td></td> 388ae771770SStanislav Sedov <td class="paramtype">size_t </td> 389ae771770SStanislav Sedov <td class="paramname"> <em>length</em>, </td> 390ae771770SStanislav Sedov </tr> 391ae771770SStanislav Sedov <tr> 392ae771770SStanislav Sedov <td class="paramkey"></td> 393ae771770SStanislav Sedov <td></td> 394ae771770SStanislav Sedov <td class="paramtype">const heim_octet_string * </td> 395ae771770SStanislav Sedov <td class="paramname"> <em>signedContent</em>, </td> 396ae771770SStanislav Sedov </tr> 397ae771770SStanislav Sedov <tr> 398ae771770SStanislav Sedov <td class="paramkey"></td> 399ae771770SStanislav Sedov <td></td> 400ae771770SStanislav Sedov <td class="paramtype">hx509_certs </td> 401ae771770SStanislav Sedov <td class="paramname"> <em>pool</em>, </td> 402ae771770SStanislav Sedov </tr> 403ae771770SStanislav Sedov <tr> 404ae771770SStanislav Sedov <td class="paramkey"></td> 405ae771770SStanislav Sedov <td></td> 406ae771770SStanislav Sedov <td class="paramtype">heim_oid * </td> 407ae771770SStanislav Sedov <td class="paramname"> <em>contentType</em>, </td> 408ae771770SStanislav Sedov </tr> 409ae771770SStanislav Sedov <tr> 410ae771770SStanislav Sedov <td class="paramkey"></td> 411ae771770SStanislav Sedov <td></td> 412ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 413ae771770SStanislav Sedov <td class="paramname"> <em>content</em>, </td> 414ae771770SStanislav Sedov </tr> 415ae771770SStanislav Sedov <tr> 416ae771770SStanislav Sedov <td class="paramkey"></td> 417ae771770SStanislav Sedov <td></td> 418ae771770SStanislav Sedov <td class="paramtype">hx509_certs * </td> 419ae771770SStanislav Sedov <td class="paramname"> <em>signer_certs</em></td><td> </td> 420ae771770SStanislav Sedov </tr> 421ae771770SStanislav Sedov <tr> 422ae771770SStanislav Sedov <td></td> 423ae771770SStanislav Sedov <td>)</td> 424ae771770SStanislav Sedov <td></td><td></td><td></td> 425ae771770SStanislav Sedov </tr> 
426ae771770SStanislav Sedov </table> 427ae771770SStanislav Sedov</div> 428ae771770SStanislav Sedov<div class="memdoc"> 429ae771770SStanislav Sedov 430ae771770SStanislav Sedov<p> 431ae771770SStanislav SedovDecode SignedData and verify that the signature is correct.<p> 432ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 433ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 434ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 435ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a hx509 verify context. </td></tr> 436ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>to control the behavior of the function.<ul> 437ae771770SStanislav Sedov<li>HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage</li><li>HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch</li><li>HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. </li></ul> 438ae771770SStanislav Sedov</td></tr> 439ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to CMS SignedData encoded data. </td></tr> 440ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. </td></tr> 441ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>signedContent</em> </td><td>external data used for signature. </td></tr> 442ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>pool</em> </td><td>certificate pool to build certificate paths. </td></tr> 443ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>contentType</em> </td><td>free with der_free_oid(). </td></tr> 444ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>content</em> </td><td>the output of the function, free with der_free_octet_string(). 
</td></tr> 445ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>signer_certs</em> </td><td>list of the certificates used to sign this request, free with <a class="el" href="group__hx509__keyset.html#ga3df96cfe4137beaea7e7b87b95dbe3f">hx509_certs_free()</a>. </td></tr> 446ae771770SStanislav Sedov </table> 447ae771770SStanislav Sedov</dl> 448ae771770SStanislav Sedov 449ae771770SStanislav Sedov<p> 450ae771770SStanislav SedovIf HX509_CMS_VS_NO_KU_CHECK is set, allow a more liberal search for matching certificates by not considering KeyUsage bits on the certificates.<p> 451ae771770SStanislav SedovIf HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH is set, allow encapContentInfo mismatch with the oid in signedAttributes (or, if no signedAttributes were used, the pkcs7-data oid). This is only needed to work with broken CMS implementations that don't follow CMS signedAttributes rules.<p> 452ae771770SStanislav SedovIf the HX509_CMS_VS_NO_VALIDATE flag is set, do not verify the signing certificates and leave that up to the caller.<p> 453ae771770SStanislav SedovIf HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty SignerInfo (no signatures). If SignedData has no signatures, the function will return 0 with signer_certs set to NULL. Zero signers are allowed by the standard, but since that is only useful in corner cases, it is made into a flag that the caller has to turn on. A caller that sets this flag must therefore check signer_certs for NULL before treating the returned content as signed, because a return value of 0 alone does not show that any signature was verified. 
454ae771770SStanislav Sedov</div> 455ae771770SStanislav Sedov</div><p> 456ae771770SStanislav Sedov<a class="anchor" name="g59a1f6dc31e384a0d378c8179f2be9c3"></a><!-- doxytag: member="cms.c::hx509_cms_wrap_ContentInfo" ref="g59a1f6dc31e384a0d378c8179f2be9c3" args="(const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)" --> 457ae771770SStanislav Sedov<div class="memitem"> 458ae771770SStanislav Sedov<div class="memproto"> 459ae771770SStanislav Sedov <table class="memname"> 460ae771770SStanislav Sedov <tr> 461ae771770SStanislav Sedov <td class="memname">int hx509_cms_wrap_ContentInfo </td> 462ae771770SStanislav Sedov <td>(</td> 463ae771770SStanislav Sedov <td class="paramtype">const heim_oid * </td> 464ae771770SStanislav Sedov <td class="paramname"> <em>oid</em>, </td> 465ae771770SStanislav Sedov </tr> 466ae771770SStanislav Sedov <tr> 467ae771770SStanislav Sedov <td class="paramkey"></td> 468ae771770SStanislav Sedov <td></td> 469ae771770SStanislav Sedov <td class="paramtype">const heim_octet_string * </td> 470ae771770SStanislav Sedov <td class="paramname"> <em>buf</em>, </td> 471ae771770SStanislav Sedov </tr> 472ae771770SStanislav Sedov <tr> 473ae771770SStanislav Sedov <td class="paramkey"></td> 474ae771770SStanislav Sedov <td></td> 475ae771770SStanislav Sedov <td class="paramtype">heim_octet_string * </td> 476ae771770SStanislav Sedov <td class="paramname"> <em>res</em></td><td> </td> 477ae771770SStanislav Sedov </tr> 478ae771770SStanislav Sedov <tr> 479ae771770SStanislav Sedov <td></td> 480ae771770SStanislav Sedov <td>)</td> 481ae771770SStanislav Sedov <td></td><td></td><td></td> 482ae771770SStanislav Sedov </tr> 483ae771770SStanislav Sedov </table> 484ae771770SStanislav Sedov</div> 485ae771770SStanislav Sedov<div class="memdoc"> 486ae771770SStanislav Sedov 487ae771770SStanislav Sedov<p> 488ae771770SStanislav SedovWrap data and oid in a ContentInfo and encode it.<p> 489ae771770SStanislav Sedov<dl compact><dt><b>Parameters:</b></dt><dd> 
490ae771770SStanislav Sedov <table border="0" cellspacing="2" cellpadding="0"> 491ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>oid</em> </td><td>type of the content. </td></tr> 492ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>buf</em> </td><td>data to be wrapped. If a NULL pointer is passed in, the optional content field in the ContentInfo is not going to be filled in. </td></tr> 493ae771770SStanislav Sedov <tr><td valign="top"></td><td valign="top"><em>res</em> </td><td>the encoded buffer, the result should be freed with der_free_octet_string().</td></tr> 494ae771770SStanislav Sedov </table> 495ae771770SStanislav Sedov</dl> 496ae771770SStanislav Sedov<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns an hx509 error code. </dd></dl> 497ae771770SStanislav Sedov 498ae771770SStanislav Sedov</div> 499ae771770SStanislav Sedov</div><p> 500ae771770SStanislav Sedov</div> 501ae771770SStanislav Sedov<hr size="1"><address style="text-align: right;"><small> 502*cf771f22SStanislav SedovGenerated on Wed Jan 11 14:07:40 2012 for Heimdalx509library by <a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address> 503ae771770SStanislav Sedov</body> 504ae771770SStanislav Sedov</html> 505