This topic describes the Certificate Management Services (CMS) APIs. These APIs can be used to create/manage your own key database files in a similar function to the SSL gskkyman utility, use certificates stored in the key database file or key ring for purposes other than SSL, and basic PKCS #7 message support.
System SSL supports X.509 certificates (V1, V2, or V3) and X.509 V2 Certificate Revocation Lists as described in RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile and RFC 2459: Internet x.509 Public Key Infrastructure Certificate and CRL Profile. RFC 5280 obsoletes RFC 3280 which obsoletes RFC 2459.
Note: You can use the gsk_strerror() routine to return a text
string describing a CMS error code. See gsk_strerror() for
more information.
This is a list of the Certificate Management Services (CMS) APIs:
- gsk_add_record() (see gsk_add_record())
- gsk_change_database_password() (see gsk_change_database_password())
- gsk_change_database_record_length() (see gsk_change_database_record_length())
- gsk_close_database() (see gsk_close_database())
- gsk_close_directory() (see gsk_close_directory() )
- gsk_construct_certificate() (see gsk_construct_certificate())
- gsk_construct_private_key() (see gsk_construct_private_key())
- gsk_construct_private_key_rsa() (see gsk_construct_private_key_rsa())
- gsk_construct_public_key() (see gsk_construct_public_key())
- gsk_construct_public_key_rsa() (see gsk_construct_public_key_rsa())
- gsk_construct_renewal_request() (see gsk_construct_renewal_request())
- gsk_construct_self_signed_certificate() (see gsk_construct_self_signed_certificate())
- gsk_construct_signed_certificate() (see gsk_construct_signed_certificate())
- gsk_copy_attributes_signers() (see gsk_copy_attributes_signers())
- gsk_copy_buffer() (see gsk_copy_buffer())
- gsk_copy_certificate() (see gsk_copy_certificate())
- gsk_copy_certificate_extension() (see gsk_copy_certificate_extension())
- gsk_copy_certification_request() (see gsk_copy_certification_request())
- gsk_copy_content_info() (see gsk_copy_content_info())
- gsk_copy_crl() (see gsk_copy_crl())
- gsk_copy_name() (see gsk_copy_name())
- gsk_copy_private_key_info() (see gsk_copy_private_key_info())
- gsk_copy_public_key_info() (see gsk_copy_public_key_info())
- gsk_copy_record() (see gsk_copy_record())
- gsk_create_certification_request() (see gsk_create_certification_request())
- gsk_create_database() (see gsk_create_database())
- gsk_create_database_renewal_request() (see gsk_create_database_renewal_request())
- gsk_create_database_signed_certificate() (see gsk_create_database_signed_certificate())
- gsk_create_renewal_request() (see gsk_create_renewal_request())
- gsk_create_revocation_source() (see
gsk_create_revocation_source()
) - gsk_create_self_signed_certificate() (see gsk_create_self_signed_certificate())
- gsk_create_signed_certificate() (see gsk_create_signed_certificate())
- gsk_create_signed_certificate_record() (see gsk_create_signed_certificate_record())
- gsk_create_signed_certificate_set() (see gsk_create_signed_certificate_set())
- gsk_create_signed_crl() (see gsk_create_signed_crl())
- gsk_create_signed_crl_record() (see gsk_create_signed_crl_record())
- gsk_decode_base64() (see gsk_decode_base64())
- gsk_decode_certificate() (see gsk_decode_certificate())
- gsk_decode_certificate_extension() (see gsk_decode_certificate_extension())
- gsk_decode_certification_request() (see gsk_decode_certification_request())
- gsk_decode_crl() (see gsk_decode_crl())
- gsk_decode_import_certificate() (see gsk_decode_import_certificate())
- gsk_decode_import_key() (see gsk_decode_import_key())
- gsk_decode_issuer_and_serial_number() (see gsk_decode_issuer_and_serial_number())
- gsk_decode_name() (see gsk_decode_name())
- gsk_decode_private_key() (see gsk_decode_private key())
- gsk_decode_public_key() (see gsk_decode_public key())
- gsk_decode_signer_identifier() (see gsk_decode_signer_identifier())
- gsk_delete_record() (see gsk_delete_record())
- gsk_dn_to_name() (see gsk_dn_to_name())
- gsk_encode_base64() (see gsk_encode_base64())
- gsk_encode_certificate_extension() (see gsk_encode_certificate_extension())
- gsk_encode_ec_parameters() (see gsk_encode_ec_parameters())
- gsk_encode_export_certificate() (see gsk_encode_export_certificate())
- gsk_encode_export_key() (see gsk_encode_export_key())
- gsk_encode_export_request() (see gsk_encode_export_request())
- gsk_encode_issuer_and_serial_number() (see gsk_encode_issuer_and_serial_number())
- gsk_encode_name() (see gsk_encode_name())
- gsk_encode_private_key() (see gsk_encode_private_key())
- gsk_encode_public_key() (see gsk_encode_public_key())
- gsk_encode_signature() (see gsk_encode_signature())
- gsk_encode_signer_identifier() (see gsk_encode_signer_identifier())
- gsk_export_certificate() (see gsk_export_certificate())
- gsk_export_certification_request() (see gsk_export_certification_request())
- gsk_export_key() (see gsk_export_key())
- gsk_factor_private_key() (see gsk_factor_private_key())
- gsk_factor_private_key_rsa() (see gsk_factor_private_key_rsa())
- gsk_factor_public_key() (see gsk_factor_public_key())
- gsk_factor_public_key_rsa() (see gsk_factor_public_key_rsa())
- gsk_fips_state_query() (see gsk_fips_state_query())
- gsk_fips_state_set() (see gsk_fips_state_set())
- gsk_free_attributes_signers() (see gsk_free_attributes_signers())
- gsk_free_buffer() (see gsk_free_buffer())
- gsk_free_certificate() (see gsk_free_certificate())
- gsk_free_certificates() (see gsk_free_certificates())
- gsk_free_certificate_extension() (see gsk_free_certificate_extension())
- gsk_free_certification_request() (see gsk_free_certification_request())
- gsk_free_content_info() (see gsk_free_content_info())
- gsk_free_crl() (see gsk_free_crl())
- gsk_free_crls() (see gsk_free_crls())
- gsk_free_decoded_extension() (see gsk_free_decoded_extension())
- gsk_free_issuer_and_serial_number() (see gsk_free_issuer_and_serial_number())
- gsk_free_name() (see gsk_free_name())
- gsk_free_oid() (see gsk_free_oid())
- gsk_free_private_key() (see gsk_free_private_key())
- gsk_free_private_key_info() (see gsk_free_private_key_info())
- gsk_free_public_key() (see gsk_free_public_key())
- gsk_free_public_key_info() (see gsk_free_public_key_info())
- gsk_free_record() (see gsk_free_record())
- gsk_free_records() (see gsk_free_records())
- gsk_free_revocation_source() (see gsk_free_revocation_source())
- gsk_free_signer_identifier() (see gsk_free_signer_identifier())
- gsk_free_string() (see gsk_free_string())
- gsk_free_strings() (see gsk_free_strings())
- gsk_generate_key_agreement_pair() (see gsk_generate_key_agreement_pair())
- gsk_generate_key_pair() (see gsk_generate_key_pair())
- gsk_generate_key_parameters() (see gsk_generate_key_parameters())
- gsk_generate_random_bytes() (see gsk_generate_random_bytes())
- gsk_generate_secret() (see gsk_generate_secret())
- gsk_get_certificate_algorithms() (see gsk_get_certificate_algorithms())
- gsk_get_certificate_info() (see gsk_get_certificate_info())
- gsk_get_cms_vector() (see gsk_get_cms_vector())
- gsk_get_content_type_and_cms_version() (see gsk_get_content_type_and_cms_version())
- gsk_get_default_key() (see gsk_get_default_key())
- gsk_get_default_label() (see gsk_get_default_label())
- gsk_get_directory_certificates() (see gsk_get_directory_certificates())
- gsk_get_directory_crls() (see gsk_get_directory_crls())
- gsk_get_directory_enum() (see gsk_get_directory_enum())
- gsk_get_directory_numeric_value() (see gsk_get_directory_numeric_value())
- gsk_get_ec_parameters_info() (see gsk_get_ec_parameters_info())
- gsk_get_record_by_id() (see gsk_get_record_by_id())
- gsk_get_record_by_index() (see gsk_get_record_by_index())
- gsk_get_record_by_label() (see gsk_get_record_by_label())
- gsk_get_record_by_subject() (see gsk_get_record_by_subject())
- gsk_get_record_labels() (see gsk_get_record_labels())
- gsk_get_update_code() (see gsk_get_update_code())
- gsk_import_certificate() (see gsk_import_certificate())
- gsk_import_key() (see gsk_import_key())
- gsk_make_content_msg() (see gsk_make_content_msg())
- gsk_make_data_content() (see gsk_make_data_content())
- gsk_make_data_msg() (see gsk_make_data_msg())
- gsk_make_encrypted_data_content() (see gsk_make_encrypted_data_content())
- gsk_make_encrypted_data_msg() (see gsk_make_encrypted_data_msg())
- gsk_make_enveloped_data_content() (see gsk_make_enveloped_data_content())
- gsk_make_enveloped_data_content_extended() (see gsk_make_enveloped_data_content_extended())
- gsk_make_enveloped_data_msg() (see gsk_make_enveloped_data_msg())
- gsk_make_enveloped_data_msg_extended() (seegsk_make_enveloped_data_msg_extended())
- gsk_make_enveloped_private_key_msg() (see gsk_make_enveloped_private_key_msg()
- gsk_make_signed_data_content() (see gsk_make_signed_data_content())
- gsk_make_signed_data_content_extended() (see gsk_make_signed_data_content_extended())
- gsk_make_signed_data_msg() (see gsk_make_signed_data_msg())
- gsk_make_signed_data_msg_extended() (see gsk_make_signed_data_msg_extended())
- gsk_make_wrapped_content() (see gsk_make_wrapped_content())
- gsk_mktime() (see gsk_mktime())
- gsk_modify_pkcs11_key_label() (see gsk_modify_pkcs11_key_label()
- gsk_name_compare() (see gsk_name_compare())
- gsk_name_to_dn()(see gsk_name_to_dn())
- gsk_open_database() (see gsk_open_database())
- gsk_open_database_using_stash_file() (see gsk_open_database_using_stash_file())
- gsk_open_directory() (see gsk_open_directory())
- gsk_open_keyring() (see gsk_open_keyring())
- gsk_perform_kat() (see gsk_perform_kat())
- gsk_query_crypto_level() (see gsk_query_crypto_level())
- gsk_query_database_label() (see gsk_query_database_label())
- gsk_query_database_record_length() (see gsk_query_database_record_length())
- gsk_rdtime() (see gsk_rdtime())
- gsk_read_content_msg() (see gsk_read_content_msg())
- gsk_read_data_content() (see gsk_read_data_content())
- gsk_read_data_msg() (see gsk_read_data_msg())
- gsk_read_encrypted_data_content() (see gsk_read_encrypted_data_content())
- gsk_read_encrypted_data_msg() (see gsk_read_encrypted_data_msg())
- gsk_read_enveloped_data_content() (see gsk_read_enveloped_data_content())
- gsk_read_enveloped_data_content_extended() (see gsk_read_enveloped_data_content_extended())
- gsk_read_enveloped_data_msg() (see gsk_read_enveloped_data_msg())
- gsk_read_enveloped_data_msg_extended() (see gsk_read_enveloped_data_msg_extended())
- gsk_read_signed_data_content() (see gsk_read_signed_data_content())
- gsk_read_signed_data_content_extended() (see gsk_read_signed_data_content_extended())
- gsk_read_signed_data_msg() (see gsk_read_signed_data_msg())
- gsk_read_signed_data_msg_extended() (see gsk_read_signed_data_msg_extended())
- gsk_read_wrapped_content() (see gsk_read_wrapped_content())
- gsk_receive_certificate() (see gsk_receive_certificate())
- gsk_replace_record() (see gsk_replace_record())
- gsk_set_default_key() (see gsk_set_default_key())
- gsk_set_directory_enum() (see gsk_set_directory_enum())
- gsk_set_directory_numeric_value() (see gsk_set_directory_numeric_value())
- gsk_sign_certificate() (see gsk_sign_certificate())
- gsk_sign_crl() (see gsk_sign_crl())
- gsk_sign_data() (see gsk_sign_data())
- gsk_validate_certificate() (see gsk_validate_certificate())
- gsk_validate_certificate_mode() (see gsk_validate_certificate_mode())
- gsk_validate_extended_key_usage() (see gsk_validate_extended_key_usage())
- gsk_validate_hostname() (see gsk_validate_hostname())
- gsk_validate_server() (see gsk_validate_server())
- gsk_verify_certificate_signature() (see gsk_verify_certificate_signature())
- gsk_verify_crl_signature() (see gsk_verify_crl_signature())
- gsk_verify_data_signature() (see gsk_verify_data_signature())