Module `cms`

cms module for lua-openssl binding

The Cryptographic Message Syntax (CMS) is the IETF’s standard for cryptographically protected messages.

It can be used to digitally sign, digest, authenticate or encrypt any form of digital data. CMS is based on the syntax of PKCS#7, which in turn is based on the Privacy-Enhanced Mail standard. The newest version of CMS is specified in RFC 5652.

The architecture of CMS is built around certificate-based key management, such as the profile defined by the PKIX working group. CMS is used as the key cryptographic component of many other cryptographic standards, such as S/MIME, PKCS #12 and the RFC 3161 Digital timestamping protocol.

OpenSSL is open source software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents.

CMS are based on apps/cms.c from the OpenSSL dist, so for more information, you better see the documentation for OpenSSL. cms api need flags, not support “detached”, “nodetached”, “text”, “nointern”, “noverify”, “nochain”, “nocerts”, “noattr”, “binary”, “nosigs”

OpenSSL not give full document about CMS api, so some function will be dangers.

Usage:

cms = require('openssl').cms

Functions

read (input[, format='auto'[, content=nil]])	read cms object from input bio or string
export (cms[, data[, flags=0[, format='smime']]])	write cms object to bio object
create ()	create empty cms object
create (input[, flags=0])	create cms object from string or bio object
compress (input, alg[, flags=0])	create compress cms object
uncompress (cms[, dcent=nil[, flags=0]])	uncompress cms object
sign (signer, pkey, input_data[, certs[, flags=0]])	make signed cms object
verify (signed, signers[, store[, message[, flags=0]]])	verfiy signed cms object
EncryptedData_encrypt (input, key[, cipher_alg='des-ede3-cbc'[, flags=0]])	create enryptdata cms
EncryptedData_decrypt (encrypted, key[, dcont[, flags=0]])	decrypt encryptdata cms
digest_create (input[, digest_alg='sha256'[, flags=0]])	create digest cms
digest_verify (digested[, dcont[, flags=0]])	verify digest cms
encrypt (recipt, input[, cipher_alg='des-ede3-cbc'[, flags=0[, options=nil]]])	encrypt with recipt certs
decrypt (message, pkey, recipt[, dcount[, flags=0[, options=nil]]])	decrypt cms message

Class cms

cms:cms ()	get type of cms object
cms:detached (cmsbio)	get detached state
cms:detached (detach)	set detached state
cms:content ()	get content of cms object

Functions

read (input[, format='auto'[, content=nil]])

read cms object from input bio or string

Parameters:

input bio or string
format string , support ‘auto’,‘smime’,‘der’,‘pem’ auto will only try ‘der’ or ‘pem’ (default 'auto')
content bio , only used when format is ‘smime’ (default nil)

Returns:

cms

export (cms[, data[, flags=0[, format='smime']]])

write cms object to bio object

Parameters:

cms cms
data bio (optional)
flags number (default 0)
format string (default 'smime')

Returns:

string
nil, and followed by error message

create ()

signed cms
signers stack_of_x509
store x509_store trust certificates store (optional)
message bio (optional)
flags number (default 0)

Returns:

string content
nil, and followed by error message

EncryptedData_encrypt (input, key[, cipher_alg='des-ede3-cbc'[, flags=0]])

create enryptdata cms

Parameters:

input bio or string
key strig
cipher_alg string or evp_cipher (default 'des-ede3-cbc')
flags number (default 0)

Returns:

cms object
nil, followed by error message

EncryptedData_decrypt (encrypted, key[, dcont[, flags=0]])

decrypt encryptdata cms

Parameters:

encrypted cms
key string
dcont bio (optional)
flags number (default 0)

Returns:

boolean

digest_create (input[, digest_alg='sha256'[, flags=0]])

create digest cms

Parameters:

input bio or string
digest_alg string or evp_md (default 'sha256')
flags number (default 0)

Returns:

cms object
nil, followed by error message

digest_verify (digested[, dcont[, flags=0]])

verify digest cms

Parameters:

digested cms
dcont string or bio (optional)
flags number (default 0)

Returns:

boolean

encrypt (recipt, input[, cipher_alg='des-ede3-cbc'[, flags=0[, options=nil]]])

encrypt with recipt certs

Parameters:

recipt stack_of_x509 certs
input bio or string
cipher_alg string or evp_cipher (default 'des-ede3-cbc')
flags number (default 0)
options table , support key, keyid, password fields, and values must be string type (default nil)

Returns:

cms

decrypt (message, pkey, recipt[, dcount[, flags=0[, options=nil]]])

decrypt cms message

Parameters:

message cms
pkey evp_pkey
recipt x509
dcount bio output object (optional)
flags number (default 0)
options table may have key, keyid, password field, and values must be string type (default nil)

Returns:

string decrypted message
nil, and followed by error message

Class cms

openssl.cms object

cms:cms ()

get type of cms object

Returns:

asn1_object

cms:detached (cmsbio)

get detached state

Parameters:

cmsbio bio bio returned by datainit

Returns:

boolean true for detached
boolean true for success, others value will followed by error message

cms:detached (detach)

set detached state

Parameters:

detach boolean

Returns:

boolean

cms:content ()

get content of cms object

Returns:

string

lua-openssl

Contents

Modules

Topics

Module cms

Usage:

Functions

Class cms

Functions

Parameters:

Returns:

Parameters:

Returns:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Parameters:

Returns:

Class cms

Returns:

Parameters:

Returns:

Parameters:

Returns:

Returns:

Module `cms`