xref: /freebsd/crypto/heimdal/doc/doxyout/hx509/html/group__hx509__cms.html (revision ebacd8013fe5f7fdf9f6a5b286f6680dd2891036)
1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
3<title>Heimdalx509library: hx509 CMS/pkcs7 functions</title>
4<link href="doxygen.css" rel="stylesheet" type="text/css">
5<link href="tabs.css" rel="stylesheet" type="text/css">
6</head><body>
7<p>
8<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a>
9</p>
10<!-- end of header marker -->
11<!-- Generated by Doxygen 1.5.6 -->
12<div class="navigation" id="top">
13  <div class="tabs">
14    <ul>
15      <li><a href="index.html"><span>Main&nbsp;Page</span></a></li>
16      <li><a href="pages.html"><span>Related&nbsp;Pages</span></a></li>
17      <li><a href="modules.html"><span>Modules</span></a></li>
18    </ul>
19  </div>
20</div>
21<div class="contents">
22<h1>hx509 CMS/pkcs7 functions</h1><table border="0" cellpadding="0" cellspacing="0">
23<tr><td></td></tr>
24<tr><td colspan="2"><br><h2>Functions</h2></td></tr>
25<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g59a1f6dc31e384a0d378c8179f2be9c3">hx509_cms_wrap_ContentInfo</a> (const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)</td></tr>
26
27<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gacbd636f3053c560782d83251f42b71a">hx509_cms_unwrap_ContentInfo</a> (const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)</td></tr>
28
29<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gb13d28bf986e3b66c05e7e33799be07b">hx509_cms_unenvelope</a> (hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)</td></tr>
30
31<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g618f32b35fa6f679cc5f32fb8abdbe85">hx509_cms_envelope_1</a> (hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)</td></tr>
32
33<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gedaf18507474021a8d092ca6ac90a1ad">hx509_cms_verify_signed</a> (hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)</td></tr>
34
35<tr><td class="memItemLeft" nowrap align="right" valign="top">int&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g8dfb6d8d72f6a71caffaf11b9d847921">hx509_cms_create_signed_1</a> (hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)</td></tr>
36
37</table>
38<hr><a name="_details"></a><h2>Detailed Description</h2>
39See the <a class="el" href="page_cms.html">CMS/PKCS7 message functions.</a> for description and examples. <hr><h2>Function Documentation</h2>
40<a class="anchor" name="g8dfb6d8d72f6a71caffaf11b9d847921"></a><!-- doxytag: member="cms.c::hx509_cms_create_signed_1" ref="g8dfb6d8d72f6a71caffaf11b9d847921" args="(hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)" -->
41<div class="memitem">
42<div class="memproto">
43      <table class="memname">
44        <tr>
45          <td class="memname">int hx509_cms_create_signed_1           </td>
46          <td>(</td>
47          <td class="paramtype">hx509_context&nbsp;</td>
48          <td class="paramname"> <em>context</em>, </td>
49        </tr>
50        <tr>
51          <td class="paramkey"></td>
52          <td></td>
53          <td class="paramtype">int&nbsp;</td>
54          <td class="paramname"> <em>flags</em>, </td>
55        </tr>
56        <tr>
57          <td class="paramkey"></td>
58          <td></td>
59          <td class="paramtype">const heim_oid *&nbsp;</td>
60          <td class="paramname"> <em>eContentType</em>, </td>
61        </tr>
62        <tr>
63          <td class="paramkey"></td>
64          <td></td>
65          <td class="paramtype">const void *&nbsp;</td>
66          <td class="paramname"> <em>data</em>, </td>
67        </tr>
68        <tr>
69          <td class="paramkey"></td>
70          <td></td>
71          <td class="paramtype">size_t&nbsp;</td>
72          <td class="paramname"> <em>length</em>, </td>
73        </tr>
74        <tr>
75          <td class="paramkey"></td>
76          <td></td>
77          <td class="paramtype">const AlgorithmIdentifier *&nbsp;</td>
78          <td class="paramname"> <em>digest_alg</em>, </td>
79        </tr>
80        <tr>
81          <td class="paramkey"></td>
82          <td></td>
83          <td class="paramtype">hx509_cert&nbsp;</td>
84          <td class="paramname"> <em>cert</em>, </td>
85        </tr>
86        <tr>
87          <td class="paramkey"></td>
88          <td></td>
89          <td class="paramtype">hx509_peer_info&nbsp;</td>
90          <td class="paramname"> <em>peer</em>, </td>
91        </tr>
92        <tr>
93          <td class="paramkey"></td>
94          <td></td>
95          <td class="paramtype">hx509_certs&nbsp;</td>
96          <td class="paramname"> <em>anchors</em>, </td>
97        </tr>
98        <tr>
99          <td class="paramkey"></td>
100          <td></td>
101          <td class="paramtype">hx509_certs&nbsp;</td>
102          <td class="paramname"> <em>pool</em>, </td>
103        </tr>
104        <tr>
105          <td class="paramkey"></td>
106          <td></td>
107          <td class="paramtype">heim_octet_string *&nbsp;</td>
108          <td class="paramname"> <em>signed_data</em></td><td>&nbsp;</td>
109        </tr>
110        <tr>
111          <td></td>
112          <td>)</td>
113          <td></td><td></td><td></td>
114        </tr>
115      </table>
116</div>
117<div class="memdoc">
118
119<p>
120Create SignedData by signing the supplied data with the given certificate.<p>
121<dl compact><dt><b>Parameters:</b></dt><dd>
122  <table border="0" cellspacing="2" cellpadding="0">
123    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
124    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td></td></tr>
125    <tr><td valign="top"></td><td valign="top"><em>eContentType</em>&nbsp;</td><td>the type of the data. </td></tr>
126    <tr><td valign="top"></td><td valign="top"><em>data</em>&nbsp;</td><td>data to sign </td></tr>
127    <tr><td valign="top"></td><td valign="top"><em>length</em>&nbsp;</td><td>length of the data that data points to. </td></tr>
128    <tr><td valign="top"></td><td valign="top"><em>digest_alg</em>&nbsp;</td><td>digest algorithm to use, use NULL to get the default or the peer-determined algorithm. </td></tr>
129    <tr><td valign="top"></td><td valign="top"><em>cert</em>&nbsp;</td><td>certificate to use to sign the data. </td></tr>
130    <tr><td valign="top"></td><td valign="top"><em>peer</em>&nbsp;</td><td>info about the peer the message will be sent to, such as which digest algorithm to use. </td></tr>
131    <tr><td valign="top"></td><td valign="top"><em>anchors</em>&nbsp;</td><td>trust anchors that the client will use, used to populate the certificates included in the message </td></tr>
132    <tr><td valign="top"></td><td valign="top"><em>pool</em>&nbsp;</td><td>certificates to use when trying to build the path to the trust anchors. </td></tr>
133    <tr><td valign="top"></td><td valign="top"><em>signed_data</em>&nbsp;</td><td>the output of the function, free with der_free_octet_string(). </td></tr>
134  </table>
135</dl>
136
137</div>
138</div><p>
139<a class="anchor" name="g618f32b35fa6f679cc5f32fb8abdbe85"></a><!-- doxytag: member="cms.c::hx509_cms_envelope_1" ref="g618f32b35fa6f679cc5f32fb8abdbe85" args="(hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)" -->
140<div class="memitem">
141<div class="memproto">
142      <table class="memname">
143        <tr>
144          <td class="memname">int hx509_cms_envelope_1           </td>
145          <td>(</td>
146          <td class="paramtype">hx509_context&nbsp;</td>
147          <td class="paramname"> <em>context</em>, </td>
148        </tr>
149        <tr>
150          <td class="paramkey"></td>
151          <td></td>
152          <td class="paramtype">int&nbsp;</td>
153          <td class="paramname"> <em>flags</em>, </td>
154        </tr>
155        <tr>
156          <td class="paramkey"></td>
157          <td></td>
158          <td class="paramtype">hx509_cert&nbsp;</td>
159          <td class="paramname"> <em>cert</em>, </td>
160        </tr>
161        <tr>
162          <td class="paramkey"></td>
163          <td></td>
164          <td class="paramtype">const void *&nbsp;</td>
165          <td class="paramname"> <em>data</em>, </td>
166        </tr>
167        <tr>
168          <td class="paramkey"></td>
169          <td></td>
170          <td class="paramtype">size_t&nbsp;</td>
171          <td class="paramname"> <em>length</em>, </td>
172        </tr>
173        <tr>
174          <td class="paramkey"></td>
175          <td></td>
176          <td class="paramtype">const heim_oid *&nbsp;</td>
177          <td class="paramname"> <em>encryption_type</em>, </td>
178        </tr>
179        <tr>
180          <td class="paramkey"></td>
181          <td></td>
182          <td class="paramtype">const heim_oid *&nbsp;</td>
183          <td class="paramname"> <em>contentType</em>, </td>
184        </tr>
185        <tr>
186          <td class="paramkey"></td>
187          <td></td>
188          <td class="paramtype">heim_octet_string *&nbsp;</td>
189          <td class="paramname"> <em>content</em></td><td>&nbsp;</td>
190        </tr>
191        <tr>
192          <td></td>
193          <td>)</td>
194          <td></td><td></td><td></td>
195        </tr>
196      </table>
197</div>
198<div class="memdoc">
199
200<p>
201Encrypt and encode EnvelopedData.<p>
202Encrypt and encode EnvelopedData. The data is encrypted with a random key, and the random key is encrypted with the key of the certificate (the public key it carries; the matching private key is needed to decrypt). This limits the key type that can be used to RSA.<p>
203<dl compact><dt><b>Parameters:</b></dt><dd>
204  <table border="0" cellspacing="2" cellpadding="0">
205    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
206    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td>flags to control the behavior.<ul>
207<li>HX509_CMS_EV_NO_KU_CHECK - Don't check KU (KeyUsage) on certificate</li><li>HX509_CMS_EV_ALLOW_WEAK - Allow weak crypto</li><li>HX509_CMS_EV_ID_NAME - prefer issuer name and serial number </li></ul>
208</td></tr>
209    <tr><td valign="top"></td><td valign="top"><em>cert</em>&nbsp;</td><td>Certificate to encrypt the EnvelopedData encryption key with. </td></tr>
210    <tr><td valign="top"></td><td valign="top"><em>data</em>&nbsp;</td><td>pointer to the data to encrypt. </td></tr>
211    <tr><td valign="top"></td><td valign="top"><em>length</em>&nbsp;</td><td>length of the data that data points to. </td></tr>
212    <tr><td valign="top"></td><td valign="top"><em>encryption_type</em>&nbsp;</td><td>Encryption cipher to use for the bulk data, use NULL to get default. </td></tr>
213    <tr><td valign="top"></td><td valign="top"><em>contentType</em>&nbsp;</td><td>type of the data that is encrypted </td></tr>
214    <tr><td valign="top"></td><td valign="top"><em>content</em>&nbsp;</td><td>the output of the function, free with der_free_octet_string(). </td></tr>
215  </table>
216</dl>
217
218</div>
219</div><p>
220<a class="anchor" name="gb13d28bf986e3b66c05e7e33799be07b"></a><!-- doxytag: member="cms.c::hx509_cms_unenvelope" ref="gb13d28bf986e3b66c05e7e33799be07b" args="(hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)" -->
221<div class="memitem">
222<div class="memproto">
223      <table class="memname">
224        <tr>
225          <td class="memname">int hx509_cms_unenvelope           </td>
226          <td>(</td>
227          <td class="paramtype">hx509_context&nbsp;</td>
228          <td class="paramname"> <em>context</em>, </td>
229        </tr>
230        <tr>
231          <td class="paramkey"></td>
232          <td></td>
233          <td class="paramtype">hx509_certs&nbsp;</td>
234          <td class="paramname"> <em>certs</em>, </td>
235        </tr>
236        <tr>
237          <td class="paramkey"></td>
238          <td></td>
239          <td class="paramtype">int&nbsp;</td>
240          <td class="paramname"> <em>flags</em>, </td>
241        </tr>
242        <tr>
243          <td class="paramkey"></td>
244          <td></td>
245          <td class="paramtype">const void *&nbsp;</td>
246          <td class="paramname"> <em>data</em>, </td>
247        </tr>
248        <tr>
249          <td class="paramkey"></td>
250          <td></td>
251          <td class="paramtype">size_t&nbsp;</td>
252          <td class="paramname"> <em>length</em>, </td>
253        </tr>
254        <tr>
255          <td class="paramkey"></td>
256          <td></td>
257          <td class="paramtype">const heim_octet_string *&nbsp;</td>
258          <td class="paramname"> <em>encryptedContent</em>, </td>
259        </tr>
260        <tr>
261          <td class="paramkey"></td>
262          <td></td>
263          <td class="paramtype">time_t&nbsp;</td>
264          <td class="paramname"> <em>time_now</em>, </td>
265        </tr>
266        <tr>
267          <td class="paramkey"></td>
268          <td></td>
269          <td class="paramtype">heim_oid *&nbsp;</td>
270          <td class="paramname"> <em>contentType</em>, </td>
271        </tr>
272        <tr>
273          <td class="paramkey"></td>
274          <td></td>
275          <td class="paramtype">heim_octet_string *&nbsp;</td>
276          <td class="paramname"> <em>content</em></td><td>&nbsp;</td>
277        </tr>
278        <tr>
279          <td></td>
280          <td>)</td>
281          <td></td><td></td><td></td>
282        </tr>
283      </table>
284</div>
285<div class="memdoc">
286
287<p>
288Decode and unencrypt EnvelopedData.<p>
289Extract data and parameters from the EnvelopedData. Also supports using detached EnvelopedData.<p>
290<dl compact><dt><b>Parameters:</b></dt><dd>
291  <table border="0" cellspacing="2" cellpadding="0">
292    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
293    <tr><td valign="top"></td><td valign="top"><em>certs</em>&nbsp;</td><td>Certificate that can decrypt the EnvelopedData encryption key. </td></tr>
294    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td>HX509_CMS_UE flags to control the behavior. </td></tr>
295    <tr><td valign="top"></td><td valign="top"><em>data</em>&nbsp;</td><td>pointer to the structure that contains the DER/BER encoded EnvelopedData structure. </td></tr>
296    <tr><td valign="top"></td><td valign="top"><em>length</em>&nbsp;</td><td>length of the data that data points to. </td></tr>
297    <tr><td valign="top"></td><td valign="top"><em>encryptedContent</em>&nbsp;</td><td>in the detached case, this contains the actual encrypted data; otherwise it should be NULL. </td></tr>
298    <tr><td valign="top"></td><td valign="top"><em>time_now</em>&nbsp;</td><td>set the current time, if zero the library uses now as the date. </td></tr>
299    <tr><td valign="top"></td><td valign="top"><em>contentType</em>&nbsp;</td><td>output type oid, should be freed with der_free_oid(). </td></tr>
300    <tr><td valign="top"></td><td valign="top"><em>content</em>&nbsp;</td><td>the data, free with der_free_octet_string(). </td></tr>
301  </table>
302</dl>
303
304</div>
305</div><p>
306<a class="anchor" name="gacbd636f3053c560782d83251f42b71a"></a><!-- doxytag: member="cms.c::hx509_cms_unwrap_ContentInfo" ref="gacbd636f3053c560782d83251f42b71a" args="(const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)" -->
307<div class="memitem">
308<div class="memproto">
309      <table class="memname">
310        <tr>
311          <td class="memname">int hx509_cms_unwrap_ContentInfo           </td>
312          <td>(</td>
313          <td class="paramtype">const heim_octet_string *&nbsp;</td>
314          <td class="paramname"> <em>in</em>, </td>
315        </tr>
316        <tr>
317          <td class="paramkey"></td>
318          <td></td>
319          <td class="paramtype">heim_oid *&nbsp;</td>
320          <td class="paramname"> <em>oid</em>, </td>
321        </tr>
322        <tr>
323          <td class="paramkey"></td>
324          <td></td>
325          <td class="paramtype">heim_octet_string *&nbsp;</td>
326          <td class="paramname"> <em>out</em>, </td>
327        </tr>
328        <tr>
329          <td class="paramkey"></td>
330          <td></td>
331          <td class="paramtype">int *&nbsp;</td>
332          <td class="paramname"> <em>have_data</em></td><td>&nbsp;</td>
333        </tr>
334        <tr>
335          <td></td>
336          <td>)</td>
337          <td></td><td></td><td></td>
338        </tr>
339      </table>
340</div>
341<div class="memdoc">
342
343<p>
344Decode a ContentInfo and unwrap the data and oid from it.<p>
345<dl compact><dt><b>Parameters:</b></dt><dd>
346  <table border="0" cellspacing="2" cellpadding="0">
347    <tr><td valign="top"></td><td valign="top"><em>in</em>&nbsp;</td><td>the encoded buffer. </td></tr>
348    <tr><td valign="top"></td><td valign="top"><em>oid</em>&nbsp;</td><td>type of the content. </td></tr>
349    <tr><td valign="top"></td><td valign="top"><em>out</em>&nbsp;</td><td>the unwrapped data. </td></tr>
350    <tr><td valign="top"></td><td valign="top"><em>have_data</em>&nbsp;</td><td>since the data is optional, this flag shows the difference between no data and zero-length data.</td></tr>
351  </table>
352</dl>
353<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns an hx509 error code. </dd></dl>
354
355</div>
356</div><p>
357<a class="anchor" name="gedaf18507474021a8d092ca6ac90a1ad"></a><!-- doxytag: member="cms.c::hx509_cms_verify_signed" ref="gedaf18507474021a8d092ca6ac90a1ad" args="(hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)" -->
358<div class="memitem">
359<div class="memproto">
360      <table class="memname">
361        <tr>
362          <td class="memname">int hx509_cms_verify_signed           </td>
363          <td>(</td>
364          <td class="paramtype">hx509_context&nbsp;</td>
365          <td class="paramname"> <em>context</em>, </td>
366        </tr>
367        <tr>
368          <td class="paramkey"></td>
369          <td></td>
370          <td class="paramtype">hx509_verify_ctx&nbsp;</td>
371          <td class="paramname"> <em>ctx</em>, </td>
372        </tr>
373        <tr>
374          <td class="paramkey"></td>
375          <td></td>
376          <td class="paramtype">unsigned int&nbsp;</td>
377          <td class="paramname"> <em>flags</em>, </td>
378        </tr>
379        <tr>
380          <td class="paramkey"></td>
381          <td></td>
382          <td class="paramtype">const void *&nbsp;</td>
383          <td class="paramname"> <em>data</em>, </td>
384        </tr>
385        <tr>
386          <td class="paramkey"></td>
387          <td></td>
388          <td class="paramtype">size_t&nbsp;</td>
389          <td class="paramname"> <em>length</em>, </td>
390        </tr>
391        <tr>
392          <td class="paramkey"></td>
393          <td></td>
394          <td class="paramtype">const heim_octet_string *&nbsp;</td>
395          <td class="paramname"> <em>signedContent</em>, </td>
396        </tr>
397        <tr>
398          <td class="paramkey"></td>
399          <td></td>
400          <td class="paramtype">hx509_certs&nbsp;</td>
401          <td class="paramname"> <em>pool</em>, </td>
402        </tr>
403        <tr>
404          <td class="paramkey"></td>
405          <td></td>
406          <td class="paramtype">heim_oid *&nbsp;</td>
407          <td class="paramname"> <em>contentType</em>, </td>
408        </tr>
409        <tr>
410          <td class="paramkey"></td>
411          <td></td>
412          <td class="paramtype">heim_octet_string *&nbsp;</td>
413          <td class="paramname"> <em>content</em>, </td>
414        </tr>
415        <tr>
416          <td class="paramkey"></td>
417          <td></td>
418          <td class="paramtype">hx509_certs *&nbsp;</td>
419          <td class="paramname"> <em>signer_certs</em></td><td>&nbsp;</td>
420        </tr>
421        <tr>
422          <td></td>
423          <td>)</td>
424          <td></td><td></td><td></td>
425        </tr>
426      </table>
427</div>
428<div class="memdoc">
429
430<p>
431Decode SignedData and verify that the signature is correct.<p>
432<dl compact><dt><b>Parameters:</b></dt><dd>
433  <table border="0" cellspacing="2" cellpadding="0">
434    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A hx509 context. </td></tr>
435    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>a hx509 verify context. </td></tr>
436    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td>to control the behavior of the function.<ul>
437<li>HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage</li><li>HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch</li><li>HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. </li></ul>
438</td></tr>
439    <tr><td valign="top"></td><td valign="top"><em>data</em>&nbsp;</td><td>pointer to CMS SignedData encoded data. </td></tr>
440    <tr><td valign="top"></td><td valign="top"><em>length</em>&nbsp;</td><td>length of the data that data points to. </td></tr>
441    <tr><td valign="top"></td><td valign="top"><em>signedContent</em>&nbsp;</td><td>external data used for signature. </td></tr>
442    <tr><td valign="top"></td><td valign="top"><em>pool</em>&nbsp;</td><td>certificate pool to build certificates paths. </td></tr>
443    <tr><td valign="top"></td><td valign="top"><em>contentType</em>&nbsp;</td><td>free with der_free_oid(). </td></tr>
444    <tr><td valign="top"></td><td valign="top"><em>content</em>&nbsp;</td><td>the output of the function, free with der_free_octet_string(). </td></tr>
445    <tr><td valign="top"></td><td valign="top"><em>signer_certs</em>&nbsp;</td><td>list of the certificates used to sign this request, free with <a class="el" href="group__hx509__keyset.html#ga3df96cfe4137beaea7e7b87b95dbe3f">hx509_certs_free()</a>. </td></tr>
446  </table>
447</dl>
448
449<p>
450If HX509_CMS_VS_NO_KU_CHECK is set, allow more liberal search for matching certificates by not considering KeyUsage bits on the certificates.<p>
451If HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH is set, allow the encapContentInfo type to mismatch the oid in signedAttributes (or, if no signedAttributes were used, the pkcs7-data oid). This is only needed to work with broken CMS implementations that don't follow the CMS signedAttributes rules.<p>
452If the HX509_CMS_VS_NO_VALIDATE flag is set, do not verify the signing certificates; validating them is left up to the caller.<p>
453If HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty SignerInfo (no signatures). If the SignedData has no signatures, the function will return 0 with signer_certs set to NULL. Zero signers is allowed by the standard, but since it's only useful in corner cases, it is made into a flag that the caller has to turn on. A caller that sets this flag must therefore check signer_certs before treating the content as signed.
454</div>
455</div><p>
456<a class="anchor" name="g59a1f6dc31e384a0d378c8179f2be9c3"></a><!-- doxytag: member="cms.c::hx509_cms_wrap_ContentInfo" ref="g59a1f6dc31e384a0d378c8179f2be9c3" args="(const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)" -->
457<div class="memitem">
458<div class="memproto">
459      <table class="memname">
460        <tr>
461          <td class="memname">int hx509_cms_wrap_ContentInfo           </td>
462          <td>(</td>
463          <td class="paramtype">const heim_oid *&nbsp;</td>
464          <td class="paramname"> <em>oid</em>, </td>
465        </tr>
466        <tr>
467          <td class="paramkey"></td>
468          <td></td>
469          <td class="paramtype">const heim_octet_string *&nbsp;</td>
470          <td class="paramname"> <em>buf</em>, </td>
471        </tr>
472        <tr>
473          <td class="paramkey"></td>
474          <td></td>
475          <td class="paramtype">heim_octet_string *&nbsp;</td>
476          <td class="paramname"> <em>res</em></td><td>&nbsp;</td>
477        </tr>
478        <tr>
479          <td></td>
480          <td>)</td>
481          <td></td><td></td><td></td>
482        </tr>
483      </table>
484</div>
485<div class="memdoc">
486
487<p>
488Wrap data and oid in a ContentInfo and encode it.<p>
489<dl compact><dt><b>Parameters:</b></dt><dd>
490  <table border="0" cellspacing="2" cellpadding="0">
491    <tr><td valign="top"></td><td valign="top"><em>oid</em>&nbsp;</td><td>type of the content. </td></tr>
492    <tr><td valign="top"></td><td valign="top"><em>buf</em>&nbsp;</td><td>data to be wrapped. If a NULL pointer is passed in, the optional content field in the ContentInfo is not going to be filled in. </td></tr>
493    <tr><td valign="top"></td><td valign="top"><em>res</em>&nbsp;</td><td>the encoded buffer, the result should be freed with der_free_octet_string().</td></tr>
494  </table>
495</dl>
496<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns an hx509 error code. </dd></dl>
497
498</div>
499</div><p>
500</div>
501<hr size="1"><address style="text-align: right;"><small>
502Generated on Wed Jan 11 14:07:40 2012 for Heimdalx509library by&nbsp;<a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address>
503</body>
504</html>
505