Reads and decrypts a CMS enveloped-data object using the recipient's private key.
Public Declare Function CMS_ReadEnvData Lib "diCrPKI.dll" _
    (ByVal strFileOut As String, ByVal strFileIn As String, _
    ByVal strCertFile As String, ByVal strPrivateKey As String, _
    ByVal nOptions As Long) As Long
nRet = CMS_ReadEnvData(strFileOut, strFileIn,
strCertFile, strPrivateKey, nOptions) As Long
strFileOut: String with name of output file to be created.
strFileIn: String with name of file containing input data or the data as a base64 or PEM string.
strCertFile: String (optional) specifies the filename of the recipient's X.509 certificate.
strPrivateKey: String containing the recipient's private key in string format.
nOptions: Long option flags:
    PKI_CMS_FORMAT_BASE64 to read base64-encoded input (default expected BER-encoded binary) [not required in v3.5 and above]
long _stdcall CMS_ReadEnvData(const char *szFileOut, const char *szFileIn,
const char *szX509File, const char *szRSAPrivateKey, long nOptions);
Long: If successful, the return value is zero;
otherwise it returns a nonzero error code.
If received as an attachment to an S/MIME email message, the user must first extract the CMS object from the email (Hint: use a text editor and cut out the base64 data from the message - see Sending an enveloped-data object and work backwards).
The optional certificate strCertFile is used to identify the intended recipient in a message addressed to multiple
recipients.
If the intended recipient's certificate is not provided, the first valid message that can be decrypted will be extracted.
Only CMS enveloped-data objects using RSA ("rsaEncryption") for key transport and
Triple DES ("des-EDE3-CBC"), AES ("aesNNN-CBC"),
or RC2 ("rc2CBC") for encryption can be read with this release.
The RecipientInfo must be KeyTransRecipientInfo (ktri)
and the RecipientIdentifier must be the choice issuerAndSerialNumber.
For more details, see section 6 of [CMS].
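The restrictions above can be checked on an object before it is passed to CMS_ReadEnvData. The Python sketch below is an added example, not CryptoSys PKI code: it walks a DER-encoded (definite-length) CMS object and reports which recipients or algorithms fall outside the profile this page describes. The names tlvs, oid, check and SAMPLE are this example's own, and the sample bytes are constructed for illustration.

```python
ENVELOPED, RSA = "1.2.840.113549.1.7.3", "1.2.840.113549.1.1.1"
CIPHERS = {"1.2.840.113549.3.7": "des-EDE3-CBC", "1.2.840.113549.3.2": "rc2CBC",
           **{f"2.16.840.1.101.3.4.1.{a}": f"aes{b}-CBC" for a, b in ((2, 128), (22, 192), (42, 256))}}
SAMPLE = bytes.fromhex(  # constructed: empty issuer name, dummy key and ciphertext
    "3060 0609 2a864886f70d010703 a053 3051 020100 311f 301d 020100 3005 3000 020101"
    "300d 0609 2a864886f70d010101 0500 0402 aabb 302b 0609 2a864886f70d010701"
    "3014 0608 2a864886f70d0307 0408 0000000000000000 8008 0000000000000000")

def tlvs(buf):  # split into (tag, value) pairs; single-byte tags, definite lengths only
    out, i = [], 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n == 0x80:
            raise ValueError("indefinite length (BER) not handled here")
        if n & 0x80:  # long form: low 7 bits count the length bytes
            n, i = int.from_bytes(buf[i:i + (n & 0x7F)], "big"), i + (n & 0x7F)
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def oid(v):  # OBJECT IDENTIFIER content bytes -> dotted string
    arcs = [0]  # the last element is the arc being accumulated
    for b in v:
        arcs[-1] = (arcs[-1] << 7) | (b & 0x7F)
        if b < 0x80:
            arcs.append(0)
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first, *arcs[1:-1]]))

def check(der):  # list the ways a CMS object departs from the documented profile
    ctype, content = tlvs(tlvs(der)[0][1])[:2]
    if oid(ctype[1]) != ENVELOPED:
        return ["not enveloped-data"]
    fields = tlvs(tlvs(content[1])[0][1])            # EnvelopedData members
    rset = next(v for t, v in fields if t == 0x31)   # recipientInfos SET
    eci = next(v for t, v in fields if t == 0x30)    # encryptedContentInfo
    problems = []
    for n, (tag, ri) in enumerate(tlvs(rset)):
        if tag != 0x30:                              # kari/kekri/pwri/ori are context-tagged
            problems.append(f"recipient {n}: not ktri")
            continue
        _, rid, alg = tlvs(ri)[:3]                   # version, rid, keyEncryptionAlgorithm
        if rid[0] != 0x30:                           # [0] would be subjectKeyIdentifier
            problems.append(f"recipient {n}: rid is not issuerAndSerialNumber")
        if oid(tlvs(alg[1])[0][1]) != RSA:
            problems.append(f"recipient {n}: key transport is not rsaEncryption")
    cipher = oid(tlvs(tlvs(eci)[1][1])[0][1])        # contentEncryptionAlgorithm OID
    if cipher not in CIPHERS:
        problems.append(f"unsupported content cipher {cipher}")
    return problems
```

An empty list from check(SAMPLE) means the object fits the profile; base64 or PEM input must be decoded to binary before it is passed in.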
[New in v3.7] Use the PKI_CMS_BIGFILE option to cope more efficiently with large files.
See the fourth example in CMS_MakeEnvData.
The following example reads the file created with CMS_MakeEnvData above.
Bob's private key needs to be read into a string first
(see RSA_ReadEncPrivateKey).
The output is written directly to a new file.
Dim nRet As Long
Dim strFileIn As String
Dim strFileOut As String
Dim strPrivateKey As String
' Bob reads his private key into a string
strPrivateKey = rsaReadPrivateKey("C:\test\BobPrivRSAEncrypt.epk", "password")
If Len(strPrivateKey) = 0 Then
    MsgBox "Cannot read private key"
    Exit Function
End If
' Decrypt the input file; send plaintext to new output file
strFileIn = "C:\test\cmsalice2bob.p7m"
strFileOut = "C:\test\fromalice.txt"
nRet = CMS_ReadEnvData(strFileOut, strFileIn, "", strPrivateKey, 0)
Debug.Print "CMS_ReadEnvData returns " & nRet
' Clean up
WIPE_String strPrivateKey, Len(strPrivateKey)
strPrivateKey = ""
See also: CMS_ReadEnvDataToString, CMS_MakeEnvDataFromString, CMS_MakeEnvData