Module pkcs7

pkcs7 module to create and process PKCS#7 files.

That only understands PKCS#7 v 1.5 as specified in IETF RFC 2315, and not currently parse CMS as described in IETF RFC 2630.

Usage:

    pkcs7 = require('openssl').pkcs7

Functions

read (input[, allow='auto']) read string or bio object, which include pkcs7 content
new ([oid=NID_pkcs7_signed[, content=NID_pkcs7_data]]) create new empty pkcs7 object, which support flexible sign methods.
sign (msg, signcert, signkey[, cacerts[, flags=0]]) sign message with signcert and signpkey to create pkcs7 object
verify (in[, signercerts[, cacerts[, msg[, flags=0]]]]) verify pkcs7 object, and return msg content or verify result
encrypt (msg, recipcerts[, cipher='aes-128-cbc'[, flags]]) encrypt message with recipcerts certificates return encrypted pkcs7 object
decrypt (input, recipcert, recipkey) decrypt encrypted pkcs7 message

Class pkcs7

pkcs7:export ([support='pem']) export pkcs7 as string
pkcs7:parse () export pkcs7 as a string
pkcs7:verify ([signercerts[, cacerts[, msg[, flags=0]]]]) verify pkcs7 object, and return msg content or verify result
pkcs7:decrypt (recipcert, recipkey) decrypt encrypted pkcs7 message


Functions

read (input[, allow='auto'])
read string or bio object, which include pkcs7 content

Parameters:

  • input bio or string
  • allow format ‘auto’,‘der’,‘pem’,‘smime’ auto will only try ‘der’ or ‘pem’ (default 'auto')

Returns:

  1. pkcs7 object or nil
  2. string content exist only smime format
new ([oid=NID_pkcs7_signed[, content=NID_pkcs7_data]])
create new empty pkcs7 object, which support flexible sign methods.

Parameters:

  • oid int given pkcs7 type (default NID_pkcs7_signed)
  • content int given pkcs7 content type (default NID_pkcs7_data)

Returns:

    pkcs7 object
sign (msg, signcert, signkey[, cacerts[, flags=0]])
sign message with signcert and signpkey to create pkcs7 object

Parameters:

  • msg string or bio
  • signcert x509
  • signkey evp_pkey
  • cacerts stack_of_x509 (optional)
  • flags number (default 0)

Returns:

    pkcs7 object
verify (in[, signercerts[, cacerts[, msg[, flags=0]]]])
verify pkcs7 object, and return msg content or verify result

Parameters:

  • in pkcs7
  • signercerts stack_of_x509 (optional)
  • cacerts x509_store (optional)
  • msg string or bio (optional)
  • flags number (default 0)

Returns:

  1. string content
  2. boolean result
encrypt (msg, recipcerts[, cipher='aes-128-cbc'[, flags]])
encrypt message with recipcerts certificates return encrypted pkcs7 object

Parameters:

  • msg string or bio
  • recipcerts stack_of_x509
  • cipher string or evp_cipher (default 'aes-128-cbc')
  • flags number (optional)
decrypt (input, recipcert, recipkey)
decrypt encrypted pkcs7 message

Parameters:

  • input pkcs7
  • recipcert x509
  • recipkey evp_pkey

Returns:

    string decrypt message

Class pkcs7

openssl.pkcs7 object
pkcs7:export ([support='pem'])
export pkcs7 as string

Parameters:

  • support string export as ‘pem’ or ‘der’ format, default is ‘pem’ (default 'pem')

Returns:

    string
pkcs7:parse ()
export pkcs7 as a string

Returns:

    table a table has pkcs7 infomation, include type,and other things relate to types
pkcs7:verify ([signercerts[, cacerts[, msg[, flags=0]]]])
verify pkcs7 object, and return msg content or verify result

Parameters:

  • signercerts stack_of_x509 (optional)
  • cacerts x509_store (optional)
  • msg string or bio (optional)
  • flags number (default 0)

Returns:

  1. string content
  2. boolean result
pkcs7:decrypt (recipcert, recipkey)
decrypt encrypted pkcs7 message

Parameters:

  • recipcert x509
  • recipkey evp_pkey

Returns:

    string decrypt message
generated by LDoc 1.5.0 Last updated 2024-01-20 16:21:56