CMS processing interfaces.
| HITLS_CMS * | HITLS_CMS_ProviderNew (HITLS_PKI_LibCtx *libCtx, const char *attrName, int32_t dataType) | Create a new CMS handle |
| void | HITLS_CMS_Free (HITLS_CMS *cms) | Free CMS structure |
| int32_t | HITLS_CMS_ProviderParseBuff (HITLS_PKI_LibCtx *libCtx, const char *attrName, const BSL_Param *param, const BSL_Buffer *encode, HITLS_CMS **cms) | Parse a CMS buffer |
| int32_t | HITLS_CMS_ProviderParseFile (HITLS_PKI_LibCtx *libCtx, const char *attrName, const BSL_Param *param, const char *path, HITLS_CMS **cms) | Parse a CMS file |
| int32_t | HITLS_CMS_DataSign (HITLS_CMS *cms, CRYPT_EAL_PkeyCtx *prvKey, HITLS_X509_Cert *cert, BSL_Buffer *msg, const BSL_Param *optionalParam) | Create signer information and optionally perform one-shot signing. |
| int32_t | HITLS_CMS_DataVerify (HITLS_CMS *cms, BSL_Buffer *msg, const BSL_Param *inputParam, BSL_Buffer *output) | Verify CMS SignedData signatures |
| int32_t | HITLS_CMS_DataInit (int32_t option, HITLS_CMS *cms, const BSL_Param *param) | Initialize streaming operation for CMS SignedData (unified interface) |
| int32_t | HITLS_CMS_DataUpdate (HITLS_CMS *cms, const BSL_Buffer *input) | Update streaming operation with input data chunk (unified interface) |
| int32_t | HITLS_CMS_DataFinal (HITLS_CMS *cms, const BSL_Param *param) | Finalize streaming operation (unified interface) |
| int32_t | HITLS_CMS_Ctrl (HITLS_CMS *cms, int32_t cmd, void *val, uint32_t valLen) | Control and modify CMS auxiliary data (certificates, CRLs, etc.) |
◆ HITLS_CMS_Ctrl()
int32_t HITLS_CMS_Ctrl (HITLS_CMS *cms, int32_t cmd, void *val, uint32_t valLen)
Control and modify CMS auxiliary data (certificates, CRLs, etc.)
- Description:
- Supported cmd values in hitls_pki_types.h: HITLS_CMS_Cmd.
- Parameters
-
| cms | [IN/OUT] CMS structure to modify |
| cmd | [IN] Control command (e.g., add cert, add crl) |
| val | [IN] Pointer to data or object for the command |
| valLen | [IN] Length of data pointed to by val (if applicable) |
- Return values
-
◆ HITLS_CMS_DataFinal()
int32_t HITLS_CMS_DataFinal (HITLS_CMS *cms, const BSL_Param *param)
Finalize streaming operation (unified interface)
- Description:
- Finalize the streaming operation. For sign, this generates the signature and adds the completed SignerInfo to the CMS structure. For verification, this finalizes the digest computation, compares with message-digest attributes, and verifies all signatures.
The function determines the operation type based on the option set in HITLS_CMS_DataInit.
- Note
- Call HITLS_CMS_DataInit and at least one HITLS_CMS_DataUpdate before calling this function.
- Parameters
-
| cms | [IN/OUT] CMS structure |
| param | [IN] Parameters:
- For signing: Optional parameters (can be NULL) for signature
- For verification: Optional parameters (can be NULL) containing untrusted cert-list, ca-cert list, etc.
|
- Return values
-
◆ HITLS_CMS_DataInit()
int32_t HITLS_CMS_DataInit (int32_t option, HITLS_CMS *cms, const BSL_Param *param)
Initialize streaming operation for CMS SignedData (unified interface)
- Description: Unified interface for initializing streaming operations. Useful for signing or verifying large input data.
- Note
- State must be HITLS_CMS_UNINIT.
- Parameters
-
| cms | [IN/OUT] CMS structure to initialize |
| option | [IN] Operation option; see hitls_pki_types.h |
| param | [IN] Optional parameters (can be NULL). |
- Return values
-
◆ HITLS_CMS_DataSign()
int32_t HITLS_CMS_DataSign (HITLS_CMS *cms, CRYPT_EAL_PkeyCtx *prvKey, HITLS_X509_Cert *cert, BSL_Buffer *msg, const BSL_Param *optionalParam)
Create signer information and optionally perform one-shot signing.
- Description:
- Always builds a CMS_SignerInfo from the supplied certificate using the requested version.
- When msg/prvKey are provided, the function performs a complete one-shot signing flow and adds the SignerInfo into the CMS SignedData structure.
- When msg is NULL, only the SignerInfo is created. The caller can then use the streaming APIs (SignInit/Update/Final) to finish signing later.
- Parameters
-
| cms | [IN] CMS SignedData handle that will own the signer (must be SignedData type) |
| prvKey | [IN] Private key used for signing (required for one-shot signing, optional when msg is NULL) |
| cert | [IN] Signer certificate used to derive identifier fields |
| msg | [IN] Message buffer to sign; set to NULL to only create SignerInfo for streaming usage |
| optionalParam | [IN] Optional parameters (can be NULL). It may contain untrusted cert-list, ca-cert list, |
- Return values
-
◆ HITLS_CMS_DataUpdate()
int32_t HITLS_CMS_DataUpdate (HITLS_CMS *cms, const BSL_Buffer *input)
Update streaming operation with input data chunk (unified interface)
- Description: Process a chunk of input data. This function can be called multiple times to process the input data in chunks. Works for both sign and verify.
- Note
- Call HITLS_CMS_DataInit before calling this function.
- Parameters
-
| cms | [IN/OUT] CMS structure |
| input | [IN] Input data chunk to process |
- Return values
-
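The call order documented for HITLS_CMS_DataInit, HITLS_CMS_DataUpdate and HITLS_CMS_DataFinal, as an added sketch that is not openHiTLS code: a chunked driver that stops at the first error, so the final step never runs on a partially processed message. `CmsStreamOps`, `CmsStreamRun`, `DemoRun` and the `Fake*` functions are hypothetical; the local typedefs, the `BSL_Buffer` field names and 0 as the success code are assumptions made so it compiles without the library.

```c
#include <stddef.h>
#include <stdint.h>
/* Stand-ins so this compiles without openHiTLS. Assumptions: BSL_Buffer's
 * field names and 0 as the success code. Use the real headers in practice. */
typedef struct HITLS_CMS HITLS_CMS;
typedef struct BSL_Param BSL_Param;
typedef struct { uint8_t *data; uint32_t dataLen; } BSL_Buffer;
#define CMS_OK 0

/* Hypothetical table; members have the signatures documented on this page. */
typedef struct {
    int32_t (*init)(int32_t option, HITLS_CMS *cms, const BSL_Param *param);
    int32_t (*update)(HITLS_CMS *cms, const BSL_Buffer *input);
    int32_t (*final)(HITLS_CMS *cms, const BSL_Param *param);
} CmsStreamOps;

/* Hypothetical helper: Init, one Update per chunk, then Final; first error wins. */
int32_t CmsStreamRun(const CmsStreamOps *ops, HITLS_CMS *cms, int32_t option,
                     const BSL_Param *param, uint8_t *msg, size_t len, uint32_t chunk)
{
    if (ops == NULL || msg == NULL || len == 0 || chunk == 0) {
        return -1; /* Final needs at least one Update, so refuse empty input */
    }
    int32_t ret = ops->init(option, cms, NULL);
    for (size_t off = 0; ret == CMS_OK && off < len; ) {
        size_t left = len - off;
        BSL_Buffer in = { msg + off, left < chunk ? (uint32_t)left : chunk };
        ret = ops->update(cms, &in);
        off += in.dataLen;
    }
    /* Fail closed: Final (and its signature check) never runs after an error. */
    return (ret == CMS_OK) ? ops->final(cms, param) : ret;
}

/* Constructed test double: counts calls and can fail the Nth Update with 42. */
static int32_t g_updates, g_finals, g_failAt;
static int32_t FakeInit(int32_t o, HITLS_CMS *c, const BSL_Param *p) { (void)o; (void)c; (void)p; return CMS_OK; }
static int32_t FakeUpdate(HITLS_CMS *c, const BSL_Buffer *b) { (void)c; (void)b; return (++g_updates == g_failAt) ? 42 : CMS_OK; }
static int32_t FakeFinal(HITLS_CMS *c, const BSL_Param *p) { (void)c; (void)p; g_finals++; return CMS_OK; }
/* Drives a constructed 10-byte message in 4-byte chunks; failAt 0 = never fail. */
int32_t DemoRun(int32_t failAt, int32_t *updates, int32_t *finals)
{
    static uint8_t msg[10];
    const CmsStreamOps ops = { FakeInit, FakeUpdate, FakeFinal };
    g_updates = 0; g_finals = 0; g_failAt = failAt;
    int32_t ret = CmsStreamRun(&ops, NULL, 0, NULL, msg, sizeof(msg), 4);
    *updates = g_updates; *finals = g_finals;
    return ret;
}
```

With the real library, fill the table with HITLS_CMS_DataInit, HITLS_CMS_DataUpdate and HITLS_CMS_DataFinal and take the option value from hitls_pki_types.h.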
◆ HITLS_CMS_DataVerify()
int32_t HITLS_CMS_DataVerify (HITLS_CMS *cms, BSL_Buffer *msg, const BSL_Param *inputParam, BSL_Buffer *output)
Verify CMS SignedData signatures
- Description: Verify all signatures in the CMS SignedData structure.
- Note
- The message data must be provided for detached SignedData; it is optional for non-detached.
- Parameters
-
| cms | [IN] CMS structure containing signatures to verify |
| msg | [IN] Message data to verify (required for detached, optional for non-detached) |
| inputParam | [IN] Optional parameters (can be NULL). It may contain untrusted cert-list, ca-cert list, |
| output | [OUT] If not NULL, returns the actual message buffer used for verification (points to msg for detached, or to embedded content for attached) |
- Return values
-
| HITLS_PKI_SUCCESS | on success (all signatures are valid). Error codes can be found in hitls_pki_errno.h |
◆ HITLS_CMS_Free()
void HITLS_CMS_Free (HITLS_CMS *cms)
◆ HITLS_CMS_ProviderNew()
HITLS_CMS * HITLS_CMS_ProviderNew (HITLS_PKI_LibCtx *libCtx, const char *attrName, int32_t dataType)
Create a new CMS handle
- Parameters
-
| libCtx | library context |
| attrName | Attribute/profile name |
| dataType | CMS content/data type (e.g., SignedData) |
- Returns
- Pointer to the newly created CMS handle on success, or NULL on failure
◆ HITLS_CMS_ProviderParseBuff()
int32_t HITLS_CMS_ProviderParseBuff (HITLS_PKI_LibCtx *libCtx, const char *attrName, const BSL_Param *param, const BSL_Buffer *encode, HITLS_CMS **cms)
Parse a CMS buffer
- Description: Parse a CMS buffer and set the CMS struct. Currently only SignedData parsing is supported.
- Note
- Only CMS buffers can be parsed.
- Parameters
-
| libCtx | [IN] library context |
| attrName | [IN] attribute name |
| param | [IN] parameter |
| encode | [IN] encoded data |
| cms | [OUT] the CMS struct. |
- Return values
-
◆ HITLS_CMS_ProviderParseFile()
int32_t HITLS_CMS_ProviderParseFile (HITLS_PKI_LibCtx *libCtx, const char *attrName, const BSL_Param *param, const char *path, HITLS_CMS **cms)
Parse a CMS file
- Description: Parse a CMS file and set the CMS struct.
- Note
- Only CMS files can be parsed.
- Parameters
-
| libCtx | [IN] library context |
| attrName | [IN] attribute name |
| param | [IN] parameter |
| path | [IN] CMS file path. |
| cms | [OUT] the CMS struct. |
- Return values
-