Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
gsk_read_enveloped_data_msg() z/OS Cryptographic Services System SSL Programming SC14-7495-00 |
|
Processes a PKCS #7 EnvelopedData message. Format
Parameters
ResultsThe function return value will be 0 if no error is detected. Otherwise, it will be one of the return codes listed in the gskcms.h include file. These are some possible errors:
UsageThe gsk_read_enveloped_data_msg() routine processes a PKCS #7 (Cryptographic Message Syntax) EnvelopedData message created by the gsk_make_enveloped_data_msg() routine and returns the message content. The enveloped data content type must be Data. Calling the gsk_read_enveloped_data_msg() routine is equivalent to calling the gsk_read_content_msg() routine, the gsk_read_enveloped_data_content() routine, and the gsk_read_data_content() routine. The recipient_keys parameter supplies one or more recipient certificates and associated private keys. The gsk_read_enveloped_data_msg() routine will search for a certificate matching one of the message recipients. The private key will be used to decrypt the session key and the session key will then be used to decrypt the enveloped data. The certificate key usage must allow key encipherment. No certificate validation is performed by the gsk_read_enveloped_data_msg() routine. It is assumed that the application has already validated the recipient certificates. These encryption algorithms are supported. Strong encryption might not be available depending upon government export regulations.
When executing in FIPS mode, encryption algorithms x509_alg_rc2CbcPad, x509_alg_rc4 and x509_alg_desCbcPad are not supported. |
Copyright IBM Corporation 1990, 2014
|