Certificate Management Services (CMS) API reference
This topic describes the Certificate Management Services (CMS) APIs. These APIs can be used to create/manage your own key database files in a similar function to the SSL gskkyman utility, use certificates stored in the key database file or key ring for purposes other than SSL, and basic PKCS #7 message support.
System SSL supports X.509 certificates (V1, V2, or V3) and X.509 V2 Certificate Revocation Lists as described in RFC 5280, RFC 3280 and RFC 2459. RFC 5280 obsoletes RFC 3280 which obsoletes RFC 2459.
Note: You can use the gsk_strerror() routine to return a text
string describing a CMS error code. See gsk_strerror() for
more information.
This is a list of the Certificate Management Services (CMS) APIs:
- gsk_add_record() (see gsk_add_record())
- gsk_change_database_password() (see gsk_change_database_password())
- gsk_change_database_record_length() (see gsk_change_database_record_length())
- gsk_close_database() (see gsk_close_database())
- gsk_close_directory() (see gsk_close_directory() )
- gsk_construct_certificate() (see gsk_construct_certificate())
- gsk_construct_private_key() (see gsk_construct_private_key())
- gsk_construct_private_key_rsa() (see gsk_construct_private_key_rsa())
- gsk_construct_public_key() (see gsk_construct_public_key())
- gsk_construct_public_key_rsa() (see gsk_construct_public_key_rsa())
- gsk_construct_renewal_request() (see gsk_construct_renewal_request())
- gsk_construct_self_signed_certificate() (see gsk_construct_self_signed_certificate())
- gsk_construct_signed_certificate() (see gsk_construct_signed_certificate())
- gsk_construct_signed_crl() (see gsk_construct_signed_crl())
- gsk_copy_attributes_signers() (see gsk_copy_attributes_signers())
- gsk_copy_buffer() (see gsk_copy_buffer())
- gsk_copy_certificate() (see gsk_copy_certificate())
- gsk_copy_certificate_extension() (see gsk_copy_certificate_extension())
- gsk_copy_certification_request() (see gsk_copy_certification_request())
- gsk_copy_content_info() (see gsk_copy_content_info())
- gsk_copy_crl() (see gsk_copy_crl())
- gsk_copy_name() (see gsk_copy_name())
- gsk_copy_private_key_info() (see gsk_copy_private_key_info())
- gsk_copy_public_key_info() (see gsk_copy_public_key_info())
- gsk_copy_record() (see gsk_copy_record())
- gsk_create_certification_request() (see gsk_create_certification_request())
- gsk_create_database() (see gsk_create_database())
- gsk_create_database_renewal_request() (see gsk_create_database_renewal_request())
- gsk_create_database_signed_certificate() (see gsk_create_database_signed_certificate())
- gsk_create_renewal_request() (see gsk_create_renewal_request())
- gsk_create_revocation_source() (see gsk_create_revocation_source())
- gsk_create_self_signed_certificate() (see gsk_create_self_signed_certificate())
- gsk_create_signed_certificate() (see gsk_create_signed_certificate())
- gsk_create_signed_certificate_record() (see gsk_create_signed_certificate_record())
- gsk_create_signed_certificate_set() (see gsk_create_signed_certificate_set())
- gsk_create_signed_crl() (see gsk_create_signed_crl())
- gsk_create_signed_crl_record() (see gsk_create_signed_crl_record())
- gsk_decode_base64() (see gsk_decode_base64())
- gsk_decode_certificate() (see gsk_decode_certificate())
- gsk_decode_certificate_extension() (see gsk_decode_certificate_extension())
- gsk_decode_certification_request() (see gsk_decode_certification_request())
- gsk_decode_crl() (see gsk_decode_crl())
- gsk_decode_import_certificate() (see gsk_decode_import_certificate())
- gsk_decode_import_key() (see gsk_decode_import_key())
- gsk_decode_issuer_and_serial_number() (see gsk_decode_issuer_and_serial_number())
- gsk_decode_name() (see gsk_decode_name())
- gsk_decode_private_key() (see gsk_decode_private key())
- gsk_decode_public_key() (see gsk_decode_public key())
- gsk_decode_signer_identifier() (see gsk_decode_signer_identifier())
- gsk_delete_record() (see gsk_delete_record())
- gsk_dn_to_name() (see gsk_dn_to_name())
- gsk_encode_base64() (see gsk_encode_base64())
- gsk_encode_certificate_extension() (see gsk_encode_certificate_extension())
- gsk_encode_ec_parameters() (see gsk_encode_ec_parameters())
- gsk_encode_export_certificate() (see gsk_encode_export_certificate())
- gsk_encode_export_key() (see gsk_encode_export_key())
- gsk_encode_export_request() (see gsk_encode_export_request())
- gsk_encode_issuer_and_serial_number() (see gsk_encode_issuer_and_serial_number())
- gsk_encode_name() (see gsk_encode_name())
- gsk_encode_private_key() (see gsk_encode_private_key())
- gsk_encode_public_key() (see gsk_encode_public_key())
- gsk_encode_signature() (see gsk_encode_signature())
- gsk_encode_signer_identifier() (see gsk_encode_signer_identifier())
- gsk_export_certificate() (see gsk_export_certificate())
- gsk_export_certification_request() (see gsk_export_certification_request())
- gsk_export_key() (see gsk_export_key())
- gsk_factor_private_key() (see gsk_factor_private_key())
- gsk_factor_private_key_rsa() (see gsk_factor_private_key_rsa())
- gsk_factor_public_key() (see gsk_factor_public_key())
- gsk_factor_public_key_rsa() (see gsk_factor_public_key_rsa())
- gsk_fips_state_query() (see gsk_fips_state_query())
- gsk_fips_state_set() (see gsk_fips_state_set())
- gsk_format_time() (see gsk_format_time())
- gsk_free_attributes_signers() (see gsk_free_attributes_signers())
- gsk_free_buffer() (see gsk_free_buffer())
- gsk_free_certificate() (see gsk_free_certificate())
- gsk_free_certificates() (see gsk_free_certificates())
- gsk_free_certificate_extension() (see gsk_free_certificate_extension())
- gsk_free_certification_request() (see gsk_free_certification_request())
- gsk_free_content_info() (see gsk_free_content_info())
- gsk_free_crl() (see gsk_free_crl())
- gsk_free_crls() (see gsk_free_crls())
- gsk_free_decoded_extension() (see gsk_free_decoded_extension())
- gsk_free_issuer_and_serial_number() (see gsk_free_issuer_and_serial_number())
- gsk_free_name() (see gsk_free_name())
- gsk_free_oid() (see gsk_free_oid())
- gsk_free_private_key() (see gsk_free_private_key())
- gsk_free_private_key_info() (see gsk_free_private_key_info())
- gsk_free_public_key() (see gsk_free_public_key())
- gsk_free_public_key_info() (see gsk_free_public_key_info())
- gsk_free_record() (see gsk_free_record())
- gsk_free_records() (see gsk_free_records())
- gsk_free_revocation_source() (see gsk_free_revocation_source())
- gsk_free_signer_identifier() (see gsk_free_signer_identifier())
- gsk_free_string() (see gsk_free_string())
- gsk_free_strings() (see gsk_free_strings())
- gsk_generate_key_agreement_pair() (see gsk_generate_key_agreement_pair())
- gsk_generate_key_pair() (see gsk_generate_key_pair())
- gsk_generate_key_parameters() (see gsk_generate_key_parameters())
- gsk_generate_random_bytes() (see gsk_generate_random_bytes())
- gsk_generate_secret() (see gsk_generate_secret())
- gsk_get_certificate_algorithms() (see gsk_get_certificate_algorithms())
- gsk_get_certificate_info() (see gsk_get_certificate_info())
- gsk_get_cms_vector() (see gsk_get_cms_vector())
- gsk_get_content_type_and_cms_version() (see gsk_get_content_type_and_cms_version())
- gsk_get_default_key() (see gsk_get_default_key())
- gsk_get_default_label() (see gsk_get_default_label())
- gsk_get_directory_certificates() (see gsk_get_directory_certificates())
- gsk_get_directory_crls() (see gsk_get_directory_crls())
- gsk_get_directory_enum() (see gsk_get_directory_enum())
- gsk_get_directory_numeric_value() (see gsk_get_directory_numeric_value())
- gsk_get_ec_parameters_info() (see gsk_get_ec_parameters_info())
- gsk_get_record_by_id() (see gsk_get_record_by_id())
- gsk_get_record_by_index() (see gsk_get_record_by_index())
- gsk_get_record_by_label() (see gsk_get_record_by_label())
- gsk_get_record_by_subject() (see gsk_get_record_by_subject())
- gsk_get_record_labels() (see gsk_get_record_labels())
- gsk_get_update_code() (see gsk_get_update_code())
- gsk_import_certificate() (see gsk_import_certificate())
- gsk_import_key() (see gsk_import_key())
- gsk_make_content_msg() (see gsk_make_content_msg())
- gsk_make_data_content() (see gsk_make_data_content())
- gsk_make_data_msg() (see gsk_make_data_msg())
- gsk_make_encrypted_data_content() (see gsk_make_encrypted_data_content())
- gsk_make_encrypted_data_msg() (see gsk_make_encrypted_data_msg())
- gsk_make_enveloped_data_content() (see gsk_make_enveloped_data_content())
- gsk_make_enveloped_data_content_extended() (see gsk_make_enveloped_data_content_extended())
- gsk_make_enveloped_data_msg() (see gsk_make_enveloped_data_msg())
- gsk_make_enveloped_data_msg_extended() (see gsk_make_enveloped_data_msg_extended())
- gsk_make_enveloped_private_key_msg() (see gsk_make_enveloped_private_key_msg()
- gsk_make_signed_data_content() (see gsk_make_signed_data_content())
- gsk_make_signed_data_content_extended() (see gsk_make_signed_data_content_extended())
- gsk_make_signed_data_msg() (see gsk_make_signed_data_msg())
- gsk_make_signed_data_msg_extended() (see gsk_make_signed_data_msg_extended())
- gsk_make_wrapped_content() (see gsk_make_wrapped_content())
- gsk_mktime() (see gsk_mktime())
- gsk_modify_pkcs11_key_label() (see gsk_modify_pkcs11_key_label()
- gsk_name_compare() (see gsk_name_compare())
- gsk_name_to_dn()(see gsk_name_to_dn())
- gsk_open_database() (see gsk_open_database())
- gsk_open_database_using_stash_file() (see gsk_open_database_using_stash_file())
- gsk_open_directory() (see gsk_open_directory())
- gsk_open_keyring() (see gsk_open_keyring())
- gsk_perform_kat() (see gsk_perform_kat())
- gsk_query_crypto_level() (see gsk_query_crypto_level())
- gsk_query_database_label() (see gsk_query_database_label())
- gsk_query_database_record_length() (see gsk_query_database_record_length())
- gsk_rdtime() (see gsk_rdtime())
- gsk_read_content_msg() (see gsk_read_content_msg())
- gsk_read_data_content() (see gsk_read_data_content())
- gsk_read_data_msg() (see gsk_read_data_msg())
- gsk_read_encrypted_data_content() (see gsk_read_encrypted_data_content())
- gsk_read_encrypted_data_msg() (see gsk_read_encrypted_data_msg())
- gsk_read_enveloped_data_content() (see gsk_read_enveloped_data_content())
- gsk_read_enveloped_data_content_extended() (see gsk_read_enveloped_data_content_extended())
- gsk_read_enveloped_data_msg() (see gsk_read_enveloped_data_msg())
- gsk_read_enveloped_data_msg_extended() (see gsk_read_enveloped_data_msg_extended())
- gsk_read_signed_data_content() (see gsk_read_signed_data_content())
- gsk_read_signed_data_content_extended() (see gsk_read_signed_data_content_extended())
- gsk_read_signed_data_msg() (see gsk_read_signed_data_msg())
- gsk_read_signed_data_msg_extended() (see gsk_read_signed_data_msg_extended())
- gsk_read_wrapped_content() (see gsk_read_wrapped_content())
- gsk_receive_certificate() (see gsk_receive_certificate())
- gsk_replace_record() (see gsk_replace_record())
- gsk_set_default_key() (see gsk_set_default_key())
- gsk_set_directory_enum() (see gsk_set_directory_enum())
- gsk_set_directory_numeric_value() (see gsk_set_directory_numeric_value())
- gsk_sign_certificate() (see gsk_sign_certificate())
- gsk_sign_crl() (see gsk_sign_crl())
- gsk_sign_data() (see gsk_sign_data())
- gsk_validate_certificate() (see gsk_validate_certificate())
- gsk_validate_certificate_mode() (see gsk_validate_certificate_mode())
- gsk_validate_extended_key_usage() (see gsk_validate_extended_key_usage())
- gsk_validate_hostname() (see gsk_validate_hostname())
- gsk_validate_server() (see gsk_validate_server())
- gsk_verify_certificate_signature() (see gsk_verify_certificate_signature())
- gsk_verify_crl_signature() (see gsk_verify_crl_signature())
- gsk_verify_data_signature() (see gsk_verify_data_signature())