1226031Sstas<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 2226031Sstas<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> 3226031Sstas<title>Heimdalx509library: hx509 CMS/pkcs7 functions</title> 4226031Sstas<link href="doxygen.css" rel="stylesheet" type="text/css"> 5226031Sstas<link href="tabs.css" rel="stylesheet" type="text/css"> 6226031Sstas</head><body> 7226031Sstas<p> 8226031Sstas<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a> 9226031Sstas</p> 10226031Sstas<!-- end of header marker --> 11226031Sstas<!-- Generated by Doxygen 1.5.6 --> 12226031Sstas<div class="navigation" id="top"> 13226031Sstas <div class="tabs"> 14226031Sstas <ul> 15226031Sstas <li><a href="index.html"><span>Main Page</span></a></li> 16226031Sstas <li><a href="pages.html"><span>Related Pages</span></a></li> 17226031Sstas <li><a href="modules.html"><span>Modules</span></a></li> 18226031Sstas </ul> 19226031Sstas </div> 20226031Sstas</div> 21226031Sstas<div class="contents"> 22226031Sstas<h1>hx509 CMS/pkcs7 functions</h1><table border="0" cellpadding="0" cellspacing="0"> 23226031Sstas<tr><td></td></tr> 24226031Sstas<tr><td colspan="2"><br><h2>Functions</h2></td></tr> 25226031Sstas<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g59a1f6dc31e384a0d378c8179f2be9c3">hx509_cms_wrap_ContentInfo</a> (const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)</td></tr> 26226031Sstas 27226031Sstas<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gacbd636f3053c560782d83251f42b71a">hx509_cms_unwrap_ContentInfo</a> (const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)</td></tr> 28226031Sstas 29226031Sstas<tr><td class="memItemLeft" nowrap align="right" 
valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gb13d28bf986e3b66c05e7e33799be07b">hx509_cms_unenvelope</a> (hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)</td></tr> 30226031Sstas 31226031Sstas<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g618f32b35fa6f679cc5f32fb8abdbe85">hx509_cms_envelope_1</a> (hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)</td></tr> 32226031Sstas 33226031Sstas<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#gedaf18507474021a8d092ca6ac90a1ad">hx509_cms_verify_signed</a> (hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)</td></tr> 34226031Sstas 35226031Sstas<tr><td class="memItemLeft" nowrap align="right" valign="top">int </td><td class="memItemRight" valign="bottom"><a class="el" href="group__hx509__cms.html#g8dfb6d8d72f6a71caffaf11b9d847921">hx509_cms_create_signed_1</a> (hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)</td></tr> 36226031Sstas 37226031Sstas</table> 38226031Sstas<hr><a name="_details"></a><h2>Detailed Description</h2> 39226031SstasSee the <a class="el" href="page_cms.html">CMS/PKCS7 message functions.</a> for 
description and examples. <hr><h2>Function Documentation</h2> 40226031Sstas<a class="anchor" name="g8dfb6d8d72f6a71caffaf11b9d847921"></a><!-- doxytag: member="cms.c::hx509_cms_create_signed_1" ref="g8dfb6d8d72f6a71caffaf11b9d847921" args="(hx509_context context, int flags, const heim_oid *eContentType, const void *data, size_t length, const AlgorithmIdentifier *digest_alg, hx509_cert cert, hx509_peer_info peer, hx509_certs anchors, hx509_certs pool, heim_octet_string *signed_data)" --> 41226031Sstas<div class="memitem"> 42226031Sstas<div class="memproto"> 43226031Sstas <table class="memname"> 44226031Sstas <tr> 45226031Sstas <td class="memname">int hx509_cms_create_signed_1 </td> 46226031Sstas <td>(</td> 47226031Sstas <td class="paramtype">hx509_context </td> 48226031Sstas <td class="paramname"> <em>context</em>, </td> 49226031Sstas </tr> 50226031Sstas <tr> 51226031Sstas <td class="paramkey"></td> 52226031Sstas <td></td> 53226031Sstas <td class="paramtype">int </td> 54226031Sstas <td class="paramname"> <em>flags</em>, </td> 55226031Sstas </tr> 56226031Sstas <tr> 57226031Sstas <td class="paramkey"></td> 58226031Sstas <td></td> 59226031Sstas <td class="paramtype">const heim_oid * </td> 60226031Sstas <td class="paramname"> <em>eContentType</em>, </td> 61226031Sstas </tr> 62226031Sstas <tr> 63226031Sstas <td class="paramkey"></td> 64226031Sstas <td></td> 65226031Sstas <td class="paramtype">const void * </td> 66226031Sstas <td class="paramname"> <em>data</em>, </td> 67226031Sstas </tr> 68226031Sstas <tr> 69226031Sstas <td class="paramkey"></td> 70226031Sstas <td></td> 71226031Sstas <td class="paramtype">size_t </td> 72226031Sstas <td class="paramname"> <em>length</em>, </td> 73226031Sstas </tr> 74226031Sstas <tr> 75226031Sstas <td class="paramkey"></td> 76226031Sstas <td></td> 77226031Sstas <td class="paramtype">const AlgorithmIdentifier * </td> 78226031Sstas <td class="paramname"> <em>digest_alg</em>, </td> 79226031Sstas </tr> 80226031Sstas <tr> 81226031Sstas <td 
class="paramkey"></td> 82226031Sstas <td></td> 83226031Sstas <td class="paramtype">hx509_cert </td> 84226031Sstas <td class="paramname"> <em>cert</em>, </td> 85226031Sstas </tr> 86226031Sstas <tr> 87226031Sstas <td class="paramkey"></td> 88226031Sstas <td></td> 89226031Sstas <td class="paramtype">hx509_peer_info </td> 90226031Sstas <td class="paramname"> <em>peer</em>, </td> 91226031Sstas </tr> 92226031Sstas <tr> 93226031Sstas <td class="paramkey"></td> 94226031Sstas <td></td> 95226031Sstas <td class="paramtype">hx509_certs </td> 96226031Sstas <td class="paramname"> <em>anchors</em>, </td> 97226031Sstas </tr> 98226031Sstas <tr> 99226031Sstas <td class="paramkey"></td> 100226031Sstas <td></td> 101226031Sstas <td class="paramtype">hx509_certs </td> 102226031Sstas <td class="paramname"> <em>pool</em>, </td> 103226031Sstas </tr> 104226031Sstas <tr> 105226031Sstas <td class="paramkey"></td> 106226031Sstas <td></td> 107226031Sstas <td class="paramtype">heim_octet_string * </td> 108226031Sstas <td class="paramname"> <em>signed_data</em></td><td> </td> 109226031Sstas </tr> 110226031Sstas <tr> 111226031Sstas <td></td> 112226031Sstas <td>)</td> 113226031Sstas <td></td><td></td><td></td> 114226031Sstas </tr> 115226031Sstas </table> 116226031Sstas</div> 117226031Sstas<div class="memdoc"> 118226031Sstas 119226031Sstas<p> 120226031SstasSign the data and encode the result as SignedData.<p> 121226031Sstas<dl compact><dt><b>Parameters:</b></dt><dd> 122226031Sstas <table border="0" cellspacing="2" cellpadding="0"> 123226031Sstas <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 124226031Sstas <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td></td></tr> 125226031Sstas <tr><td valign="top"></td><td valign="top"><em>eContentType</em> </td><td>the type of the data. 
</td></tr> 126226031Sstas <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>data to sign </td></tr> 127226031Sstas <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. </td></tr> 128226031Sstas <tr><td valign="top"></td><td valign="top"><em>digest_alg</em> </td><td>digest algorithm to use; pass NULL to get the default or the peer-determined algorithm. </td></tr> 129226031Sstas <tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>certificate to use for signing the data. </td></tr> 130226031Sstas <tr><td valign="top"></td><td valign="top"><em>peer</em> </td><td>info about the peer the message is sent to, such as which digest algorithm to use. </td></tr> 131226031Sstas <tr><td valign="top"></td><td valign="top"><em>anchors</em> </td><td>trust anchors that the client will use, used to populate the certificates included in the message </td></tr> 132226031Sstas <tr><td valign="top"></td><td valign="top"><em>pool</em> </td><td>certificates to use when trying to build the path to the trust anchors. </td></tr> 133226031Sstas <tr><td valign="top"></td><td valign="top"><em>signed_data</em> </td><td>the output of the function, free with der_free_octet_string(). 
</td></tr> 134226031Sstas </table> 135226031Sstas</dl> 136226031Sstas 137226031Sstas</div> 138226031Sstas</div><p> 139226031Sstas<a class="anchor" name="g618f32b35fa6f679cc5f32fb8abdbe85"></a><!-- doxytag: member="cms.c::hx509_cms_envelope_1" ref="g618f32b35fa6f679cc5f32fb8abdbe85" args="(hx509_context context, int flags, hx509_cert cert, const void *data, size_t length, const heim_oid *encryption_type, const heim_oid *contentType, heim_octet_string *content)" --> 140226031Sstas<div class="memitem"> 141226031Sstas<div class="memproto"> 142226031Sstas <table class="memname"> 143226031Sstas <tr> 144226031Sstas <td class="memname">int hx509_cms_envelope_1 </td> 145226031Sstas <td>(</td> 146226031Sstas <td class="paramtype">hx509_context </td> 147226031Sstas <td class="paramname"> <em>context</em>, </td> 148226031Sstas </tr> 149226031Sstas <tr> 150226031Sstas <td class="paramkey"></td> 151226031Sstas <td></td> 152226031Sstas <td class="paramtype">int </td> 153226031Sstas <td class="paramname"> <em>flags</em>, </td> 154226031Sstas </tr> 155226031Sstas <tr> 156226031Sstas <td class="paramkey"></td> 157226031Sstas <td></td> 158226031Sstas <td class="paramtype">hx509_cert </td> 159226031Sstas <td class="paramname"> <em>cert</em>, </td> 160226031Sstas </tr> 161226031Sstas <tr> 162226031Sstas <td class="paramkey"></td> 163226031Sstas <td></td> 164226031Sstas <td class="paramtype">const void * </td> 165226031Sstas <td class="paramname"> <em>data</em>, </td> 166226031Sstas </tr> 167226031Sstas <tr> 168226031Sstas <td class="paramkey"></td> 169226031Sstas <td></td> 170226031Sstas <td class="paramtype">size_t </td> 171226031Sstas <td class="paramname"> <em>length</em>, </td> 172226031Sstas </tr> 173226031Sstas <tr> 174226031Sstas <td class="paramkey"></td> 175226031Sstas <td></td> 176226031Sstas <td class="paramtype">const heim_oid * </td> 177226031Sstas <td class="paramname"> <em>encryption_type</em>, </td> 178226031Sstas </tr> 179226031Sstas <tr> 180226031Sstas <td 
class="paramkey"></td> 181226031Sstas <td></td> 182226031Sstas <td class="paramtype">const heim_oid * </td> 183226031Sstas <td class="paramname"> <em>contentType</em>, </td> 184226031Sstas </tr> 185226031Sstas <tr> 186226031Sstas <td class="paramkey"></td> 187226031Sstas <td></td> 188226031Sstas <td class="paramtype">heim_octet_string * </td> 189226031Sstas <td class="paramname"> <em>content</em></td><td> </td> 190226031Sstas </tr> 191226031Sstas <tr> 192226031Sstas <td></td> 193226031Sstas <td>)</td> 194226031Sstas <td></td><td></td><td></td> 195226031Sstas </tr> 196226031Sstas </table> 197226031Sstas</div> 198226031Sstas<div class="memdoc"> 199226031Sstas 200226031Sstas<p> 201226031SstasEncrypt and encode EnvelopedData.<p> 202226031SstasEncrypt and encode EnvelopedData. The data is encrypted with a random key and the random key is encrypted with the certificate's public key. This limits what private key type can be used to RSA.<p> 203226031Sstas<dl compact><dt><b>Parameters:</b></dt><dd> 204226031Sstas <table border="0" cellspacing="2" cellpadding="0"> 205226031Sstas <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 206226031Sstas <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>flags to control the behavior.<ul> 207226031Sstas<li>HX509_CMS_EV_NO_KU_CHECK - Don't check KU on certificate</li><li>HX509_CMS_EV_ALLOW_WEAK - Allow weak crypto</li><li>HX509_CMS_EV_ID_NAME - prefer issuer name and serial number </li></ul> 208226031Sstas</td></tr> 209226031Sstas <tr><td valign="top"></td><td valign="top"><em>cert</em> </td><td>Certificate to encrypt the EnvelopedData encryption key with. </td></tr> 210226031Sstas <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to the data to encrypt. </td></tr> 211226031Sstas <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. 
</td></tr> 212226031Sstas <tr><td valign="top"></td><td valign="top"><em>encryption_type</em> </td><td>Encryption cipher to use for the bulk data, use NULL to get default. </td></tr> 213226031Sstas <tr><td valign="top"></td><td valign="top"><em>contentType</em> </td><td>type of the data that is encrypted </td></tr> 214226031Sstas <tr><td valign="top"></td><td valign="top"><em>content</em> </td><td>the output of the function, free with der_free_octet_string(). </td></tr> 215226031Sstas </table> 216226031Sstas</dl> 217226031Sstas 218226031Sstas</div> 219226031Sstas</div><p> 220226031Sstas<a class="anchor" name="gb13d28bf986e3b66c05e7e33799be07b"></a><!-- doxytag: member="cms.c::hx509_cms_unenvelope" ref="gb13d28bf986e3b66c05e7e33799be07b" args="(hx509_context context, hx509_certs certs, int flags, const void *data, size_t length, const heim_octet_string *encryptedContent, time_t time_now, heim_oid *contentType, heim_octet_string *content)" --> 221226031Sstas<div class="memitem"> 222226031Sstas<div class="memproto"> 223226031Sstas <table class="memname"> 224226031Sstas <tr> 225226031Sstas <td class="memname">int hx509_cms_unenvelope </td> 226226031Sstas <td>(</td> 227226031Sstas <td class="paramtype">hx509_context </td> 228226031Sstas <td class="paramname"> <em>context</em>, </td> 229226031Sstas </tr> 230226031Sstas <tr> 231226031Sstas <td class="paramkey"></td> 232226031Sstas <td></td> 233226031Sstas <td class="paramtype">hx509_certs </td> 234226031Sstas <td class="paramname"> <em>certs</em>, </td> 235226031Sstas </tr> 236226031Sstas <tr> 237226031Sstas <td class="paramkey"></td> 238226031Sstas <td></td> 239226031Sstas <td class="paramtype">int </td> 240226031Sstas <td class="paramname"> <em>flags</em>, </td> 241226031Sstas </tr> 242226031Sstas <tr> 243226031Sstas <td class="paramkey"></td> 244226031Sstas <td></td> 245226031Sstas <td class="paramtype">const void * </td> 246226031Sstas <td class="paramname"> <em>data</em>, </td> 247226031Sstas </tr> 248226031Sstas 
<tr> 249226031Sstas <td class="paramkey"></td> 250226031Sstas <td></td> 251226031Sstas <td class="paramtype">size_t </td> 252226031Sstas <td class="paramname"> <em>length</em>, </td> 253226031Sstas </tr> 254226031Sstas <tr> 255226031Sstas <td class="paramkey"></td> 256226031Sstas <td></td> 257226031Sstas <td class="paramtype">const heim_octet_string * </td> 258226031Sstas <td class="paramname"> <em>encryptedContent</em>, </td> 259226031Sstas </tr> 260226031Sstas <tr> 261226031Sstas <td class="paramkey"></td> 262226031Sstas <td></td> 263226031Sstas <td class="paramtype">time_t </td> 264226031Sstas <td class="paramname"> <em>time_now</em>, </td> 265226031Sstas </tr> 266226031Sstas <tr> 267226031Sstas <td class="paramkey"></td> 268226031Sstas <td></td> 269226031Sstas <td class="paramtype">heim_oid * </td> 270226031Sstas <td class="paramname"> <em>contentType</em>, </td> 271226031Sstas </tr> 272226031Sstas <tr> 273226031Sstas <td class="paramkey"></td> 274226031Sstas <td></td> 275226031Sstas <td class="paramtype">heim_octet_string * </td> 276226031Sstas <td class="paramname"> <em>content</em></td><td> </td> 277226031Sstas </tr> 278226031Sstas <tr> 279226031Sstas <td></td> 280226031Sstas <td>)</td> 281226031Sstas <td></td><td></td><td></td> 282226031Sstas </tr> 283226031Sstas </table> 284226031Sstas</div> 285226031Sstas<div class="memdoc"> 286226031Sstas 287226031Sstas<p> 288226031SstasDecode and decrypt EnvelopedData.<p> 289226031SstasExtract data and parameters from the EnvelopedData. Also supports using detached EnvelopedData.<p> 290226031Sstas<dl compact><dt><b>Parameters:</b></dt><dd> 291226031Sstas <table border="0" cellspacing="2" cellpadding="0"> 292226031Sstas <tr><td valign="top"></td><td valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 293226031Sstas <tr><td valign="top"></td><td valign="top"><em>certs</em> </td><td>Certificate that can decrypt the EnvelopedData encryption key. 
</td></tr> 294226031Sstas <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>HX509_CMS_UE flags to control the behavior. </td></tr> 295226031Sstas <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to the structure that contains the DER/BER encoded EnvelopedData structure. </td></tr> 296226031Sstas <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. </td></tr> 297226031Sstas <tr><td valign="top"></td><td valign="top"><em>encryptedContent</em> </td><td>in case of detached signature, this contains the actual encrypted data, otherwise it should be NULL. </td></tr> 298226031Sstas <tr><td valign="top"></td><td valign="top"><em>time_now</em> </td><td>set the current time; if zero, the library uses now as the date. </td></tr> 299226031Sstas <tr><td valign="top"></td><td valign="top"><em>contentType</em> </td><td>output type oid, should be freed with der_free_oid(). </td></tr> 300226031Sstas <tr><td valign="top"></td><td valign="top"><em>content</em> </td><td>the data, free with der_free_octet_string(). 
</td></tr> 301226031Sstas </table> 302226031Sstas</dl> 303226031Sstas 304226031Sstas</div> 305226031Sstas</div><p> 306226031Sstas<a class="anchor" name="gacbd636f3053c560782d83251f42b71a"></a><!-- doxytag: member="cms.c::hx509_cms_unwrap_ContentInfo" ref="gacbd636f3053c560782d83251f42b71a" args="(const heim_octet_string *in, heim_oid *oid, heim_octet_string *out, int *have_data)" --> 307226031Sstas<div class="memitem"> 308226031Sstas<div class="memproto"> 309226031Sstas <table class="memname"> 310226031Sstas <tr> 311226031Sstas <td class="memname">int hx509_cms_unwrap_ContentInfo </td> 312226031Sstas <td>(</td> 313226031Sstas <td class="paramtype">const heim_octet_string * </td> 314226031Sstas <td class="paramname"> <em>in</em>, </td> 315226031Sstas </tr> 316226031Sstas <tr> 317226031Sstas <td class="paramkey"></td> 318226031Sstas <td></td> 319226031Sstas <td class="paramtype">heim_oid * </td> 320226031Sstas <td class="paramname"> <em>oid</em>, </td> 321226031Sstas </tr> 322226031Sstas <tr> 323226031Sstas <td class="paramkey"></td> 324226031Sstas <td></td> 325226031Sstas <td class="paramtype">heim_octet_string * </td> 326226031Sstas <td class="paramname"> <em>out</em>, </td> 327226031Sstas </tr> 328226031Sstas <tr> 329226031Sstas <td class="paramkey"></td> 330226031Sstas <td></td> 331226031Sstas <td class="paramtype">int * </td> 332226031Sstas <td class="paramname"> <em>have_data</em></td><td> </td> 333226031Sstas </tr> 334226031Sstas <tr> 335226031Sstas <td></td> 336226031Sstas <td>)</td> 337226031Sstas <td></td><td></td><td></td> 338226031Sstas </tr> 339226031Sstas </table> 340226031Sstas</div> 341226031Sstas<div class="memdoc"> 342226031Sstas 343226031Sstas<p> 344226031SstasDecode a ContentInfo and unwrap the data and oid from it.<p> 345226031Sstas<dl compact><dt><b>Parameters:</b></dt><dd> 346226031Sstas <table border="0" cellspacing="2" cellpadding="0"> 347226031Sstas <tr><td valign="top"></td><td valign="top"><em>in</em> </td><td>the encoded buffer. 
</td></tr> 348226031Sstas <tr><td valign="top"></td><td valign="top"><em>oid</em> </td><td>type of the content. </td></tr> 349226031Sstas <tr><td valign="top"></td><td valign="top"><em>out</em> </td><td>data to be wrapped. </td></tr> 350226031Sstas <tr><td valign="top"></td><td valign="top"><em>have_data</em> </td><td>since the data is optional, this flag shows the difference between no data and zero-length data.</td></tr> 351226031Sstas </table> 352226031Sstas</dl> 353226031Sstas<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns an hx509 error code. </dd></dl> 354226031Sstas 355226031Sstas</div> 356226031Sstas</div><p> 357226031Sstas<a class="anchor" name="gedaf18507474021a8d092ca6ac90a1ad"></a><!-- doxytag: member="cms.c::hx509_cms_verify_signed" ref="gedaf18507474021a8d092ca6ac90a1ad" args="(hx509_context context, hx509_verify_ctx ctx, unsigned int flags, const void *data, size_t length, const heim_octet_string *signedContent, hx509_certs pool, heim_oid *contentType, heim_octet_string *content, hx509_certs *signer_certs)" --> 358226031Sstas<div class="memitem"> 359226031Sstas<div class="memproto"> 360226031Sstas <table class="memname"> 361226031Sstas <tr> 362226031Sstas <td class="memname">int hx509_cms_verify_signed </td> 363226031Sstas <td>(</td> 364226031Sstas <td class="paramtype">hx509_context </td> 365226031Sstas <td class="paramname"> <em>context</em>, </td> 366226031Sstas </tr> 367226031Sstas <tr> 368226031Sstas <td class="paramkey"></td> 369226031Sstas <td></td> 370226031Sstas <td class="paramtype">hx509_verify_ctx </td> 371226031Sstas <td class="paramname"> <em>ctx</em>, </td> 372226031Sstas </tr> 373226031Sstas <tr> 374226031Sstas <td class="paramkey"></td> 375226031Sstas <td></td> 376226031Sstas <td class="paramtype">unsigned int </td> 377226031Sstas <td class="paramname"> <em>flags</em>, </td> 378226031Sstas </tr> 379226031Sstas <tr> 380226031Sstas <td class="paramkey"></td> 381226031Sstas <td></td> 382226031Sstas <td 
class="paramtype">const void * </td> 383226031Sstas <td class="paramname"> <em>data</em>, </td> 384226031Sstas </tr> 385226031Sstas <tr> 386226031Sstas <td class="paramkey"></td> 387226031Sstas <td></td> 388226031Sstas <td class="paramtype">size_t </td> 389226031Sstas <td class="paramname"> <em>length</em>, </td> 390226031Sstas </tr> 391226031Sstas <tr> 392226031Sstas <td class="paramkey"></td> 393226031Sstas <td></td> 394226031Sstas <td class="paramtype">const heim_octet_string * </td> 395226031Sstas <td class="paramname"> <em>signedContent</em>, </td> 396226031Sstas </tr> 397226031Sstas <tr> 398226031Sstas <td class="paramkey"></td> 399226031Sstas <td></td> 400226031Sstas <td class="paramtype">hx509_certs </td> 401226031Sstas <td class="paramname"> <em>pool</em>, </td> 402226031Sstas </tr> 403226031Sstas <tr> 404226031Sstas <td class="paramkey"></td> 405226031Sstas <td></td> 406226031Sstas <td class="paramtype">heim_oid * </td> 407226031Sstas <td class="paramname"> <em>contentType</em>, </td> 408226031Sstas </tr> 409226031Sstas <tr> 410226031Sstas <td class="paramkey"></td> 411226031Sstas <td></td> 412226031Sstas <td class="paramtype">heim_octet_string * </td> 413226031Sstas <td class="paramname"> <em>content</em>, </td> 414226031Sstas </tr> 415226031Sstas <tr> 416226031Sstas <td class="paramkey"></td> 417226031Sstas <td></td> 418226031Sstas <td class="paramtype">hx509_certs * </td> 419226031Sstas <td class="paramname"> <em>signer_certs</em></td><td> </td> 420226031Sstas </tr> 421226031Sstas <tr> 422226031Sstas <td></td> 423226031Sstas <td>)</td> 424226031Sstas <td></td><td></td><td></td> 425226031Sstas </tr> 426226031Sstas </table> 427226031Sstas</div> 428226031Sstas<div class="memdoc"> 429226031Sstas 430226031Sstas<p> 431226031SstasDecode SignedData and verify that the signature is correct.<p> 432226031Sstas<dl compact><dt><b>Parameters:</b></dt><dd> 433226031Sstas <table border="0" cellspacing="2" cellpadding="0"> 434226031Sstas <tr><td valign="top"></td><td 
valign="top"><em>context</em> </td><td>A hx509 context. </td></tr> 435226031Sstas <tr><td valign="top"></td><td valign="top"><em>ctx</em> </td><td>a hx509 verify context. </td></tr> 436226031Sstas <tr><td valign="top"></td><td valign="top"><em>flags</em> </td><td>flags to control the behavior of the function.<ul> 437226031Sstas<li>HX509_CMS_VS_NO_KU_CHECK - Don't check KeyUsage</li><li>HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH - allow oid mismatch</li><li>HX509_CMS_VS_ALLOW_ZERO_SIGNER - no signer, see below. </li></ul> 438226031Sstas</td></tr> 439226031Sstas <tr><td valign="top"></td><td valign="top"><em>data</em> </td><td>pointer to CMS SignedData encoded data. </td></tr> 440226031Sstas <tr><td valign="top"></td><td valign="top"><em>length</em> </td><td>length of the data that data points to. </td></tr> 441226031Sstas <tr><td valign="top"></td><td valign="top"><em>signedContent</em> </td><td>external data used for signature. </td></tr> 442226031Sstas <tr><td valign="top"></td><td valign="top"><em>pool</em> </td><td>certificate pool used to build certificate paths. </td></tr> 443226031Sstas <tr><td valign="top"></td><td valign="top"><em>contentType</em> </td><td>free with der_free_oid(). </td></tr> 444226031Sstas <tr><td valign="top"></td><td valign="top"><em>content</em> </td><td>the output of the function, free with der_free_octet_string(). </td></tr> 445226031Sstas <tr><td valign="top"></td><td valign="top"><em>signer_certs</em> </td><td>list of the certificates used to sign this request, free with <a class="el" href="group__hx509__keyset.html#ga3df96cfe4137beaea7e7b87b95dbe3f">hx509_certs_free()</a>. 
</td></tr> 446226031Sstas </table> 447226031Sstas</dl> 448226031Sstas 449226031Sstas<p> 450226031SstasIf HX509_CMS_VS_NO_KU_CHECK is set, allow a more liberal search for matching certificates by not considering the KeyUsage bits on the certificates.<p> 451226031SstasIf HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH is set, allow the encapContentInfo to mismatch the oid in signedAttributes (or, if no signedAttributes were used, the pkcs7-data oid). This is only needed to work with broken CMS implementations that don't follow the CMS signedAttributes rules.<p> 452226031SstasIf the HX509_CMS_VS_NO_VALIDATE flag is set, do not verify the signing certificates and leave that up to the caller. The content is then not authenticated until the caller has validated the signer certificates itself.<p> 453226031SstasIf HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty SignerInfo (no signatures). If the SignedData has no signatures, the function will return 0 with signer_certs set to NULL. Zero signers are allowed by the standard, but since that is only useful in corner cases, it was made into a flag that the caller has to turn on. A caller that sets this flag needs to check signer_certs for NULL, because a return value of 0 then does not by itself mean that any signature was verified. 454226031Sstas</div> 455226031Sstas</div><p> 456226031Sstas<a class="anchor" name="g59a1f6dc31e384a0d378c8179f2be9c3"></a><!-- doxytag: member="cms.c::hx509_cms_wrap_ContentInfo" ref="g59a1f6dc31e384a0d378c8179f2be9c3" args="(const heim_oid *oid, const heim_octet_string *buf, heim_octet_string *res)" --> 457226031Sstas<div class="memitem"> 458226031Sstas<div class="memproto"> 459226031Sstas <table class="memname"> 460226031Sstas <tr> 461226031Sstas <td class="memname">int hx509_cms_wrap_ContentInfo </td> 462226031Sstas <td>(</td> 463226031Sstas <td class="paramtype">const heim_oid * </td> 464226031Sstas <td class="paramname"> <em>oid</em>, </td> 465226031Sstas </tr> 466226031Sstas <tr> 467226031Sstas <td class="paramkey"></td> 468226031Sstas <td></td> 469226031Sstas <td class="paramtype">const heim_octet_string * </td> 470226031Sstas <td class="paramname"> <em>buf</em>, </td> 471226031Sstas </tr> 472226031Sstas <tr> 473226031Sstas <td class="paramkey"></td> 474226031Sstas <td></td> 
475226031Sstas <td class="paramtype">heim_octet_string * </td> 476226031Sstas <td class="paramname"> <em>res</em></td><td> </td> 477226031Sstas </tr> 478226031Sstas <tr> 479226031Sstas <td></td> 480226031Sstas <td>)</td> 481226031Sstas <td></td><td></td><td></td> 482226031Sstas </tr> 483226031Sstas </table> 484226031Sstas</div> 485226031Sstas<div class="memdoc"> 486226031Sstas 487226031Sstas<p> 488226031SstasWrap data and oid in a ContentInfo and encode it.<p> 489226031Sstas<dl compact><dt><b>Parameters:</b></dt><dd> 490226031Sstas <table border="0" cellspacing="2" cellpadding="0"> 491226031Sstas <tr><td valign="top"></td><td valign="top"><em>oid</em> </td><td>type of the content. </td></tr> 492226031Sstas <tr><td valign="top"></td><td valign="top"><em>buf</em> </td><td>data to be wrapped. If a NULL pointer is passed in, the optional content field in the ContentInfo is not going be filled in. </td></tr> 493226031Sstas <tr><td valign="top"></td><td valign="top"><em>res</em> </td><td>the encoded buffer, the result should be freed with der_free_octet_string().</td></tr> 494226031Sstas </table> 495226031Sstas</dl> 496226031Sstas<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns an hx509 error code. </dd></dl> 497226031Sstas 498226031Sstas</div> 499226031Sstas</div><p> 500226031Sstas</div> 501226031Sstas<hr size="1"><address style="text-align: right;"><small> 502234027SstasGenerated on Wed Jan 11 14:07:40 2012 for Heimdalx509library by <a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address> 503226031Sstas</body> 504226031Sstas</html> 505