These #defines are used to provide the security environment used to sign messages and verify signatures. (NB Message Tokens used to provide signatures on a per recipient basis are in a different section). All these attributes apart from X400_B_SEC_GEN_MOAC can be specified in the Message object using X400msMsgAddStrParam() or X400msMsgAddIntParam(). They can also be specified in the default object using X400SetStrDefault() or X400SetIntDefault. X400_B_SEC_GEN_MOAC can only be set using X400msMsgAddIntParam(). More...
Modules | |
Recipient Attributes | |
Content Integrity Check information. | |
These allow information about the CIC in the Recipient extensions to be returned. The signing certificate values also apply to the CIC if present in the Message Token. | |
Detailed Description
These #defines are used to provide the security environment used to sign messages and verify signatures. (NB Message Tokens used to provide signatures on a per recipient basis are in a different section). All these attributes apart from X400_B_SEC_GEN_MOAC can be specified in the Message object using X400msMsgAddStrParam() or X400msMsgAddIntParam(). They can also be specified in the default object using X400SetStrDefault() or X400SetIntDefault. X400_B_SEC_GEN_MOAC can only be set using X400msMsgAddIntParam().
These #defines are used to provide the security environment used to sign messages and verify signatures using Message Tokens to provide signatures on a per recipient basis. All these attributes apart from X400_B_SEC_GEN_MESSAGE_TOKEN can be specified.
Values in the Message object override those set in the Default object.
The values are all ignored when the message is constructed unless X400_B_SEC_GEN_MOAC is set in the Message object.
If X400_B_SEC_GEN_MOAC is set in the Message object, then a valid security environment must have been set up (see the X.509 Setup Guide). The other attributes must be passed in to point to this security environment.
Previously only Digital Identities in a directory called "x509" can be used. The parent directory is passed into X400_S_SEC_IDENTITY.
The preferred way to get the security environment is to use the X400_S_SEC_IDENTITY_FILE attribute which specifies a specific PKCS12 file.
- in the Message object using X400msMsgAddStrParam() or X400msMsgAddIntParam().
- in the Recipient object using X400msRecipAddStrParam() or X400msRecipAddIntParam(). They can also be specified in the default object using X400SetStrDefault() or X400SetIntDefault. X400_B_SEC_GEN_MESSAGE_TOKEN can only be set by X400msRecipAddIntParam().
Values in the Message object override those set in the Default object. Values in the Recipient object override those set in the Message object.
The values are all ignored when the message is constructed unless the X400_B_SEC_GEN_MESSAGE_TOKEN is set in the Recipient object.
If X400_B_SEC_GEN_MESSAGE_TOKEN is set in the Recipient object, then a valid security environment must have been set up. (see the X.509 Setup Guide). The other attributes must be passed in to point to this security environment.
Currently only Digital Identities in a directory called "x509" can be used. This parent directory is passed in X400_S_SEC_IDENTITY.
Macro Definition Documentation
◆ X400_S_SEC_IDENTITY
#define X400_S_SEC_IDENTITY 180 |
- Deprecated:
- Directory in which to search for Identities: Looks in x509 Sub Directory, obsolescent: use X400_S_SEC_IDENTITY_FILE
Definition at line 554 of file x400_att.h.
◆ X400_B_SEC_GEN_MOAC
#define X400_B_SEC_GEN_MOAC 181 |
Generate MOAC 0: no (default), 1: yes
Definition at line 557 of file x400_att.h.
◆ X400_S_SEC_IDENTITY_PASSPHRASE
#define X400_S_SEC_IDENTITY_PASSPHRASE 182 |
Passphrase to open Identity
Definition at line 560 of file x400_att.h.
◆ X400_S_SEC_IDENTITY_DN
#define X400_S_SEC_IDENTITY_DN 183 |
- Deprecated:
- DN in Certificate - obsolescent: use X400_S_SEC_IDENTITY_FILE
Definition at line 563 of file x400_att.h.
◆ X400_S_SEC_ENV
#define X400_S_SEC_ENV 186 |
For internal use only
Definition at line 566 of file x400_att.h.
◆ X400_S_MOAC
#define X400_S_MOAC 187 |
X.400 Message Origin Authentication Check
- Examples
- examples/x400_mtrcv.c, and examples/x400_mtsend.c.
Definition at line 569 of file x400_att.h.
◆ X400_N_MOAC_STATUS
#define X400_N_MOAC_STATUS 188 |
Status of MOAC in message
Definition at line 572 of file x400_att.h.
◆ X400_S_CERT_INFO
#define X400_S_CERT_INFO 189 |
For internal use only
Definition at line 575 of file x400_att.h.
◆ X400_S_SEC_IDENTITY_FILE
#define X400_S_SEC_IDENTITY_FILE 190 |
Names the PKCS12 files - preferred to obsolescent X400_S_SEC_IDENTITY_DN and X400_S_SEC_IDENTITY
Definition at line 578 of file x400_att.h.
◆ X400_S_SEC_TRUSTED_CERTS_DIR
#define X400_S_SEC_TRUSTED_CERTS_DIR 191 |
Directory containing trusted Certificates. Needed when verifying signatures using Certificates issued by CAs other than the verifier. These certificates have to be in DER fomat (usually with a .crt extension).
Definition at line 581 of file x400_att.h.
◆ X400_S_SEC_SECURITY_DB
#define X400_S_SEC_SECURITY_DB 192 |
Name of security DB file to provide the security environment
Definition at line 585 of file x400_att.h.
◆ X400_S_SEC_SECURITY_PASSPHRASE
#define X400_S_SEC_SECURITY_PASSPHRASE 193 |
Passphrase to access security DB file
Definition at line 588 of file x400_att.h.
◆ X400_S_SEC_SIGNING_URI
#define X400_S_SEC_SIGNING_URI 194 |
URI for the signing certificate/key to be used for signing The value should correspond to the name of an entity in the security DB
Definition at line 591 of file x400_att.h.
◆ X400_S_SECURITY_ENV
#define X400_S_SECURITY_ENV 195 |
For internal use only
Definition at line 596 of file x400_att.h.
◆ X400_N_S4406
#define X400_N_S4406 440600 |
STANAG 4406 security control. For message creation the attribute controls what elements are used. For a received message, it reports the security elements in the message. Currently supported values are: 0 - no security elements X400_N_S4406_SINGLE_WRAP - Single wrap signing, compatible with PCT.
Definition at line 599 of file x400_att.h.
◆ X400_N_S4406_STATUS
#define X400_N_S4406_STATUS 440601 |
Status of security for S4406 signed message. For an S4406 message this gives the status for the verification of the signing Not present in a non-S4406 secured message.
Definition at line 608 of file x400_att.h.
◆ X400_S_S4406_STATUS_DETAIL
#define X400_S_S4406_STATUS_DETAIL 440602 |
Detail for status of S4406 signed message. This is a message string giving more detail about a verification failure.
Definition at line 614 of file x400_att.h.
◆ X400_S_S4406_SECURITY_LABEL
#define X400_S_S4406_SECURITY_LABEL 440603 |
Label for S4406 signed message. The value should be the binary encoding of an ESS Label
Definition at line 619 of file x400_att.h.
◆ X400_N_S4406_CERTIFICATE
#define X400_N_S4406_CERTIFICATE 440604 |
Certificate from S4406 signed message. Used with X400MsgGetCert()
Definition at line 624 of file x400_att.h.
◆ X400_S_S4406_SIGNING_TIME
#define X400_S_S4406_SIGNING_TIME 440605 |
Signing time from S4406 signed message. In UTCTime format.
Definition at line 629 of file x400_att.h.
◆ X400_B_SEC_GEN_MESSAGE_TOKEN
#define X400_B_SEC_GEN_MESSAGE_TOKEN 1700 |
Generate Message Token 0: no (default), 1: yes
Definition at line 1426 of file x400_att.h.
◆ X400_B_SEC_ADD_CERT_PATH
#define X400_B_SEC_ADD_CERT_PATH 1701 |
Include Certificate Path when generating Message Token 0: no (default), 1: yes
Definition at line 1429 of file x400_att.h.
◆ X400_B_SEC_CONTENT_INTEGRITY_CHECK
#define X400_B_SEC_CONTENT_INTEGRITY_CHECK 1702 |
Add Content Integrity Extension and use in Message Token: no (default), 1: yes
Definition at line 1432 of file x400_att.h.
◆ X400_N_MSGTOK_STATUS
#define X400_N_MSGTOK_STATUS 1710 |
Status of recipient Message Token - See below for possible values
- Examples
- examples/x400_mtrcv.c.
Definition at line 1437 of file x400_att.h.
◆ X400_S_MSGTOK_DER
#define X400_S_MSGTOK_DER 1716 |
Token in recipient when verifying a Message Token signature
- Examples
- examples/x400_mtrcv.c.
Definition at line 1440 of file x400_att.h.
◆ X400_N_MSGTOK_SEQ_NUM
#define X400_N_MSGTOK_SEQ_NUM 1717 |
Sequence number in Message Token
- Examples
- examples/x400_mtrcv.c.
Definition at line 1443 of file x400_att.h.
◆ X400_S_MSGTOK_RECIP
#define X400_S_MSGTOK_RECIP 1718 |
Recipient in Message Token
- Examples
- examples/x400_mtrcv.c.
Definition at line 1446 of file x400_att.h.
◆ X400_S_MSGTOK_SEC_LAB
#define X400_S_MSGTOK_SEC_LAB 1719 |
Security Label in Message Token
- Examples
- examples/x400_mtrcv.c.
Definition at line 1449 of file x400_att.h.
◆ X400_N_MSGTOK_PODR_STATUS
#define X400_N_MSGTOK_PODR_STATUS 1721 |
Information about PODR in Token and Envelope
Definition at line 1452 of file x400_att.h.
◆ X400_N_MSGTOK_SEC_LAB_STATUS
#define X400_N_MSGTOK_SEC_LAB_STATUS 1722 |
Information about Security Label in Token and Envelope
Definition at line 1455 of file x400_att.h.
◆ X400_N_MSGTOK_RECIP_STATUS
#define X400_N_MSGTOK_RECIP_STATUS 1723 |
Information about Recipient in Token and Envelope
Definition at line 1458 of file x400_att.h.
◆ X400_N_MSGTOK_CIC_STATUS
#define X400_N_MSGTOK_CIC_STATUS 1724 |
Status of CIC in Message Token
Definition at line 1461 of file x400_att.h.
◆ X400_S_MSGTOK_CIC
#define X400_S_MSGTOK_CIC 1726 |
Content Integrity Check DER from Message Token
- Examples
- examples/x400_mtrcv.c.
Definition at line 1464 of file x400_att.h.