pub struct CmsContentInfo(/* private fields */);
Expand description
High level CMS wrapper
CMS supports nesting various types of data, including signatures, certificates,
encrypted data, smime messages (encrypted email), and data digest. The ContentInfo
content type is the encapsulation of all those content types. RFC 5652
describes
CMS and OpenSSL follows this RFC’s implementation.
Implementations§
source§impl CmsContentInfo
impl CmsContentInfo
sourcepub fn smime_read_cms(smime: &[u8]) -> Result<CmsContentInfo, ErrorStack>
pub fn smime_read_cms(smime: &[u8]) -> Result<CmsContentInfo, ErrorStack>
Parses a smime formatted vec
of bytes into a CmsContentInfo
.
This corresponds to SMIME_read_CMS
.
sourcepub fn from_der(der: &[u8]) -> Result<CmsContentInfo, ErrorStack>
pub fn from_der(der: &[u8]) -> Result<CmsContentInfo, ErrorStack>
Deserializes a DER-encoded ContentInfo structure.
This corresponds to d2i_CMS_ContentInfo
.
sourcepub fn from_pem(pem: &[u8]) -> Result<CmsContentInfo, ErrorStack>
pub fn from_pem(pem: &[u8]) -> Result<CmsContentInfo, ErrorStack>
Deserializes a PEM-encoded ContentInfo structure.
This corresponds to PEM_read_bio_CMS
.
sourcepub fn sign<T>(
signcert: Option<&X509Ref>,
pkey: Option<&PKeyRef<T>>,
certs: Option<&StackRef<X509>>,
data: Option<&[u8]>,
flags: CMSOptions,
) -> Result<CmsContentInfo, ErrorStack>where
T: HasPrivate,
pub fn sign<T>(
signcert: Option<&X509Ref>,
pkey: Option<&PKeyRef<T>>,
certs: Option<&StackRef<X509>>,
data: Option<&[u8]>,
flags: CMSOptions,
) -> Result<CmsContentInfo, ErrorStack>where
T: HasPrivate,
Given a signing cert signcert
, private key pkey
, a certificate stack certs
,
data data
and flags flags
, create a CmsContentInfo struct.
All arguments are optional.
This corresponds to CMS_sign
.
sourcepub fn encrypt(
certs: &StackRef<X509>,
data: &[u8],
cipher: Cipher,
flags: CMSOptions,
) -> Result<CmsContentInfo, ErrorStack>
pub fn encrypt( certs: &StackRef<X509>, data: &[u8], cipher: Cipher, flags: CMSOptions, ) -> Result<CmsContentInfo, ErrorStack>
Given a certificate stack certs
, data data
, cipher cipher
and flags flags
,
create a CmsContentInfo struct.
OpenSSL documentation at CMS_encrypt
This corresponds to CMS_encrypt
.
sourcepub fn verify(
&mut self,
certs: Option<&StackRef<X509>>,
store: Option<&X509StoreRef>,
detached_data: Option<&[u8]>,
output_data: Option<&mut Vec<u8>>,
flags: CMSOptions,
) -> Result<(), ErrorStack>
pub fn verify( &mut self, certs: Option<&StackRef<X509>>, store: Option<&X509StoreRef>, detached_data: Option<&[u8]>, output_data: Option<&mut Vec<u8>>, flags: CMSOptions, ) -> Result<(), ErrorStack>
Verify this CmsContentInfo’s signature,
This will search the ‘certs’ list for the signing certificate.
Additional certificates, needed for building the certificate chain, may be
given in ‘store’ as well as additional CRLs.
A detached signature may be passed in detached_data
. The signed content
without signature, will be copied into output_data if it is present.
This corresponds to CMS_verify
.
Methods from Deref<Target = CmsContentInfoRef>§
sourcepub fn decrypt<T>(
&self,
pkey: &PKeyRef<T>,
cert: &X509,
) -> Result<Vec<u8>, ErrorStack>where
T: HasPrivate,
pub fn decrypt<T>(
&self,
pkey: &PKeyRef<T>,
cert: &X509,
) -> Result<Vec<u8>, ErrorStack>where
T: HasPrivate,
Given the sender’s private key, pkey
and the recipient’s certificate, cert
,
decrypt the data in self
.
This corresponds to CMS_decrypt
.
sourcepub fn decrypt_without_cert_check<T>(
&self,
pkey: &PKeyRef<T>,
) -> Result<Vec<u8>, ErrorStack>where
T: HasPrivate,
pub fn decrypt_without_cert_check<T>(
&self,
pkey: &PKeyRef<T>,
) -> Result<Vec<u8>, ErrorStack>where
T: HasPrivate,
Given the sender’s private key, pkey
,
decrypt the data in self
without validating the recipient certificate.
Warning: Not checking the recipient certificate may leave you vulnerable to Bleichenbacher’s attack on PKCS#1 v1.5 RSA padding.
This corresponds to CMS_decrypt
.
sourcepub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>
pub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>
Serializes this CmsContentInfo using DER.
This corresponds to i2d_CMS_ContentInfo
.
sourcepub fn to_pem(&self) -> Result<Vec<u8>, ErrorStack>
pub fn to_pem(&self) -> Result<Vec<u8>, ErrorStack>
Serializes this CmsContentInfo using DER.
This corresponds to PEM_write_bio_CMS
.