CMS_MakeSigDataFromString
Create a CMS object of type SignedData from an input string.
VBA/VB6 Syntax
Public Declare Function CMS_MakeSigDataFromString Lib "diCrPKI.dll"
(ByVal strFileOut As String, ByVal strDataIn As String,
ByVal strCertList As String, ByVal strPrivateKey As String, ByVal nOptions As Long) As Long
nRet = CMS_MakeSigDataFromString(strFileOut, strDataIn,
strCertList, strPrivateKey, nOptions) As Long
C/C++ Syntax
long __stdcall CMS_MakeSigDataFromString(const char *szFileOut, const char *szDataIn, const char *szCertList, const char *szPrivateKey, long nOptions);
Parameters
- szFileOut
- [in] name of output file to be created.
- szDataIn
- [in] string containing message data to be signed.
- szCertList
- [in] filename of the signer's certificate and (optionally)
a list of other certificates to be included in the output, separated by semi-colons (;).
Alternatively specify a single PKCS#7 certificate chain file (.p7c/.p7b) containing the signer's certificate.
- szPrivateKey
- [in] private key data for the sender in "internal" string format.
- nOptions
- [in] Option flags. Select one of:
PKI_SIG_RSA_SHA1 (0) to use RSASSA-PKCS-v1_5 with SHA-1 (sha1WithRSAEncryption
) (default - CAUTION)
PKI_SIG_RSA_SHA224 to use RSASSA-PKCS-v1_5 with SHA-224 (sha224WithRSAEncryption
)
PKI_SIG_RSA_SHA256 to use RSASSA-PKCS-v1_5 with SHA-256 (sha256WithRSAEncryption
) []
PKI_SIG_RSA_SHA384 to use RSASSA-PKCS-v1_5 with SHA-384 (sha384WithRSAEncryption
)
PKI_SIG_RSA_SHA512 to use RSASSA-PKCS-v1_5 with SHA-512 (sha512WithRSAEncryption
)
PKI_SIG_RSA_MD5 to use RSASSA-PKCS-v1_5 with MD5 (md5WithRSAEncryption
) [legacy, not recommended for new implementations]
PKI_SIG_RSA_PSS_SHA1 to use RSASSA-PSS with SHA-1
PKI_SIG_RSA_PSS_SHA224 to use RSASSA-PSS with SHA-224
PKI_SIG_RSA_PSS_SHA256 to use RSASSA-PSS with SHA-256
PKI_SIG_RSA_PSS_SHA384 to use RSASSA-PSS with SHA-384
PKI_SIG_RSA_PSS_SHA512 to use RSASSA-PSS with SHA-512
PKI_SIG_ECDSA_SHA1 to use ecdsaWithSHA1
PKI_SIG_ECDSA_SHA224 to use ecdsaWithSHA224
PKI_SIG_ECDSA_SHA256 to use ecdsaWithSHA256
PKI_SIG_ECDSA_SHA384 to use ecdsaWithSHA384
PKI_SIG_ECDSA_SHA512 to use ecdsaWithSHA512
PKI_SIG_ED25519 to use Ed25519
[New in v20.0]
PKI_SIG_ED448 to use Ed448
[New in v22.0]
and optionally add any of the following flags:
PKI_CMS_EXCLUDE_CERTS to exclude signer's certificate
PKI_CMS_EXCLUDE_DATA to exclude the eContent data
PKI_CMS_CERTS_ONLY to create a "certs-only" PKCS#7 certficate chain
PKI_CMS_INCLUDE_ATTRS to add signed attributes (default = no signed attributes) including content-type and message-digest plus any more added below.
PKI_CMS_FORMAT_BASE64 to format the output with base64 encoding (default output is binary)
PKI_CMS_NO_OUTER to create a "naked" SignedData object with no outerContentInfo as permitted by PKCS#7 v1.6 (specialist option)
PKI_CMS_ALT_ALGID to use an alternative signature algorithm identifier (see Remarks)
PKI_PSS_SALTLEN_ZERO to set the salt length to be zero (RSASSA-PSS only, default = same length as the output of the hash function)
PKI_MGF_MGF1SHA1 to force the MGF hash function to be SHA-1 (RSASSA-PSS only, default = same as signature hash function)
If the PKI_CMS_INCLUDE_ATTRS
option flag is included, optionally add any of the following:
PKI_CMS_ADD_SIGNTIME to add SigningTime to the signed attributes (requires PKI_CMS_INCLUDE_ATTRS)
PKI_CMS_ADD_SMIMECAP to add sMIMECapabilities to the signed attributes (requires PKI_CMS_INCLUDE_ATTRS)
PKI_CMS_ADD_SIGNINGCERT to add an ESS Signing Certificate Attribute to the signed attributes (requires PKI_CMS_INCLUDE_ATTRS) [New in v12.4]
PKI_CMS_ADD_ALGPROTECT to add an Algorithm Identifier Protection Attribute to the signed attributes (requires PKI_CMS_INCLUDE_ATTRS) [New in v12.4]
Returns (VBA/C)
If successful, the return value is zero;
otherwise it returns a nonzero error code. Further error information may be available by calling
PKI_LastError()
.
.NET Equivalent
Cms.MakeSigDataFromString Method (String, String, String, String, Cms.SigAlg, Cms.SigDataOptions)
Cms.MakeSigDataFromString Method (String, String, String, String, HashAlgorithm, Cms.SigDataOptions)
C++ (STL) Equivalent
static int dipki::Cms::MakeSigDataFromString (const std::string &outputFile, const std::string &inputStr, const std::string &certList, const std::string &privateKey, SigAlg sigAlg=SigAlg::Default, SigDataOptions opts=SigDataOptions::Default_SigDataOpt, Format format=Format::Default)
Remarks
This function is identical to
CMS_MakeSigData()
except the input is passed as a string instead of in a file.
Zero-terminated ANSI data is expected in szDataIn.
VB6 users: the string szDataIn must not contain a NUL (Chr$(0)
) character.
To sign a messsage that contains binary or Unicode UTF-8 or UTF-16 data, use
CMS_MakeSigDataFromBytes
.
Example
nRet = CMS_MakeSigDataFromString(strOutputFile, "This is some sample content.", _
strCertFile, strPrivateKey, 0)
See Also
CMS_MakeSigData
CMS_MakeSigDataFromBytes
CMS_MakeDetachedSig
[Contents] [Index]