§Cryptographic Message Syntax
`rasn-cms` is an implementation of the data types defined in IETF RFC 4108, RFC 5083, RFC 5084, and RFC 5652, also known as Cryptographic Message Syntax (CMS) or PKCS#7.
This does not provide an implementation of a CMS generator or validator; instead, `rasn-cms` provides an implementation of the underlying data types used to decode and encode the CMS structures from/to DER or BER.
Modules§
- Algorithms used with CMS.
- Windows Authenticode Portable Executable Signature Format
- Firmware Package Wrappers
- PKCS7 compatibility module.
Structs§
- Identifies what algorithm was used, along with any parameters used as input.
- AuthenticatedData represents an authenticated-data content type
- An X.509 certificate
- A signed list of revoked certificates.
- ContentInfo encapsulates a single identified content type, and the identified type may provide further encapsulation.
- DigestedData represents a digested-data content type
- The content is represented in the type EncapsulatedContentInfo
- EncryptedContentInfo is the encrypted content information
- EncryptedData represents an encrypted-data content type
- EnvelopedData represents an enveloped-data content type
- The IssuerAndSerialNumber type identifies a certificate, and thereby an entity and a public key, by the distinguished name of the certificate issuer and an issuer-specific certificate serial number.
- KekIdentifier specifies a symmetric key-encryption key that was previously distributed to the sender and one or more recipients.
- Recipient information using previously distributed symmetric keys is represented in the type KEKRecipientInfo.
- Recipient information using key agreement is represented in the type KeyAgreeRecipientInfo.
- Per-recipient information using key transport is represented in the type KeyTransRecipientInfo. Each instance of KeyTransRecipientInfo transfers the content-encryption key to one recipient.
- OriginatorInfo optionally provides information about the originator. It is present only if required by the key management algorithm.
- The OriginatorPublicKey alternative includes the algorithm identifier and sender’s key agreement public key.
- OtherCertificateFormat represents a custom certificate format
- Additional information used by the recipient to determine the key-encryption key used by the sender.
- Recipient information for additional key management techniques is represented in the type OtherRecipientInfo.
- The OtherRevocationInfoFormat alternative is provided to support any other revocation information format without further modifications to the CMS.
- Recipient information using a password or shared secret value is represented in the type PasswordRecipientInfo.
- RecipientEncryptedKey includes a recipient identifier and encrypted key for one or more recipients.
- RecipientKeyIdentifier identifies the recipient’s key.
- SignedData represents a signed-data content type
- Per-signer information is represented in the type SignerInfo
Enums§
- The `CertificateChoices` type contains options for certificate formats.
- KeyAgreeRecipientIdentifier is a CHOICE with two alternatives.
- OriginatorIdentifierOrKey is a CHOICE with three alternatives specifying the sender’s key agreement public key.
- RecipientIdentifier specifies the recipient’s certificate or key that was used by the sender to protect the content-encryption key.
- RecipientInfo is per-recipient information.
- The RevocationInfoChoice type gives revocation status information alternatives.
- SignerIdentifier data type represents the choice of signer identifications
Constants§
- OID of AuthenticatedData content type
- OID of Data content type
- OID of DigestedData content type
- OID of EncryptedData content type
- OID of EnvelopedData content type
- OID of top-level CMS ContentInfo
- OID of SignedData content type
- OID of CMS ContentType
- OID of CounterSignature
- OID of MessageDigest
- OID of SigningTime