Parameters

stream

Specifies the byte stream of the encoded certificate.

certificate

Returns the decoded certificates. The application should call the gsk_free_certificates() routine to release the certificates when they are no longer needed.

Results

The function return value will be 0 if no error is detected. Otherwise, it will be one of the return codes listed in the gskcms.h include file. These are some possible errors:

[CMSERR_BAD_BASE64_ENCODING]

The Base64 encoding of the import file is not correct.

[CMSERR_BAD_ENCODING]

The import file format is not recognized.

[CMSERR_NO_MEMORY]

Insufficient storage is available.

Usage

The gsk_receive_certificate() routine receives one or more X.509 certificates and returns the decoded certificates to the caller.

The supplied stream can represent either the ASN.1 DER encoding for the certificate or the Cryptographic Message Syntax (PKCS #7) encoding for the certificate. This can be either the binary value or the Base64 encoding of the binary value. A Base64 encoded stream must be in the local code page and must include the encoding header and footer lines.

A Base64 DER-encoded sequence must start with the encoding header '-----BEGIN CERTIFICATE-----' and end with the encoding footer '----END CERTIFICATE-----'. A Base 64 PKCS #7 signed data message must start with the encoding header '-----BEGIN CERTIFICATE-----' and end with the encoding footer '----END CERTIFICATE-----' or must start with the encoding header '----BEGIN PKCS #7 SIGNED DATA-----' and end with the encoding footer '-----END PKCS #7 SIGNED DATA-----'.

A DER-encoded certificate stream contains a single X.509 certificate while a PKCS #7 message stream contains one or more certificates. All of the certificates in a PKCS #7 message will be returned to the application for processing.