On 2/24/15 10:10 AM, Dr. Stephen Henson wrote:
> On Tue, Feb 24, 2015, Richard Welty wrote:
>
>> On 2/24/15 9:21 AM, Dr. Stephen Henson wrote:
>>>
>>> Typically you'd write the signed content to a memory BIO and then decrypt
>>> that. Precisely how you decrypt the enveloped data depends on the format. It
>>> might be in MIME format in which case you'd pass it through the MIME parser.
>>> Alternatively it could be enveloped data content type in which case you'd
>>> decode it as BER form.
>>>
>>> There are shortcuts you can make if, for example, you know the signed content
>>> is not detached and in BER form.
>>>
>> it will not be detached, and will be in BER form. shortcuts (as long as
>> they're in a documented API) are welcome as this is in a path that should
>> be fast.
>>
>
> So the embedded content type will be enveloped data?
>
> If so first you can check that type using CMS_get0_eContentType().
>
> Then you can use CMS_get0_content() to retrieve the embedded content as a
> pointer to an OCTET STRING pointer. You should check that content is not NULL
> and then retrieve the encoding of the content using ASN1_STRING_data and
> ASN1_STRING_length.
>
> Once you have those you can decode using d2i_CMS_ContentInfo().
>
> A couple of those functions are currently undocumented (that will be fixed) but
> nothing in that involves using structure internals.
>

coming back to this after a bit of time; the project is finally getting
fired up.

there are two questions in front of me right now:

1) the documentation on d2i_CMS_ContentInfo() is a bit light on
   details about the parameters. what should the first parameter be,
   a certificate as with d2i_X509?

2) is there something roughly analogous for encryption? i need a
   fast-but-documented path for encrypting and signing data using
   BER on the server that will be decrypted on the client (and vice versa).

thanks,
richard
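The nested layout that the quoted reply reaches through CMS_get0_eContentType() and CMS_get0_content(), as an added example that is not from the thread or from OpenSSL: a bounds-checked walk over a signedData encoding that returns the embedded OCTET STRING only when eContentType is envelopedData. It assumes definite-length encoding (indefinite-length BER is rejected); the names `span`, `take`, `is_cms_oid`, `inner_enveloped` and the `SAMPLE` bytes are constructed for illustration, and the walk shows the structure rather than replacing the OpenSSL calls named above.

```c
#include <stddef.h>
#include <string.h>

typedef struct { const unsigned char *val; size_t len; } span;  /* view into input */
/* Take one definite-length TLV with the expected tag from [*p, *end); reject truncation,
 * indefinite length (0x80) and overruns. descend narrows [*p, *end) to the value. */
static int take(const unsigned char **p, const unsigned char **end,
                unsigned char tag, int descend, span *t)
{
    const unsigned char *q = *p;
    size_t len, n;
    if (*end - q < 2 || *q++ != tag) return -1;
    len = *q++;
    if (len & 0x80) {                          /* long form: n length octets follow */
        n = len & 0x7f;
        if (n == 0 || n > sizeof len || (size_t)(*end - q) < n) return -1;
        for (len = 0; n > 0; n--) len = (len << 8) | *q++;
    }
    if ((size_t)(*end - q) < len) return -1;
    t->val = q; t->len = len;
    if (descend) { *p = q; *end = q + len; } else { *p = q + len; }
    return 0;
}

/* id-signedData is 1.2.840.113549.1.7.2; id-envelopedData ends in .3 */
static int is_cms_oid(const span *t, unsigned char arc)
{
    static const unsigned char pre[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07};
    return t->len == 9 && memcmp(t->val, pre, 8) == 0 && t->val[8] == arc;
}

/* Return 0 and a view of eContent only when signedData embeds envelopedData. */
int inner_enveloped(const unsigned char *buf, size_t n, span *out)
{
    const unsigned char *p = buf, *end = buf + n;
    span t;
    if (take(&p, &end, 0x30, 1, &t) || take(&p, &end, 0x06, 0, &t) || !is_cms_oid(&t, 2) ||
        take(&p, &end, 0xa0, 1, &t) || take(&p, &end, 0x30, 1, &t) ||   /* [0], SignedData */
        take(&p, &end, 0x02, 0, &t) || take(&p, &end, 0x31, 0, &t) ||   /* version, digestAlgorithms */
        take(&p, &end, 0x30, 1, &t) || take(&p, &end, 0x06, 0, &t) || !is_cms_oid(&t, 3) ||
        take(&p, &end, 0xa0, 1, &t)) return -1;   /* eContent [0] is absent when detached */
    return take(&p, &end, 0x04, 0, out);          /* eContent OCTET STRING */
}

/* Constructed sample: signedData, no signers, eContent = 13-byte envelopedData stub. */
static const unsigned char SAMPLE[] = {
    0x30,0x34,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02,0xa0,0x27,0x30,0x25,0x02,
    0x01,0x03,0x31,0x00,0x30,0x1c,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x03,0xa0,
    0x0f,0x04,0x0d,0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x03,0x31,0x00 };
```

The returned view corresponds to the bytes the reply obtains with ASN1_STRING_data and ASN1_STRING_length before handing them to d2i_CMS_ContentInfo().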