Struct CmsContentInfo 

pub struct CmsContentInfo { /* private fields */ }

An owned CMS_ContentInfo* — the top-level CMS container.

Implementations

impl CmsContentInfo

pub fn from_der(data: &[u8]) -> Result<Self, ErrorStack>

Decode a DER-encoded CMS_ContentInfo structure.

Errors

Returns Err if data is not valid CMS DER.

pub fn from_der_in(ctx: &Arc<LibCtx>, data: &[u8]) -> Result<Self, ErrorStack>

Decode a DER-encoded CMS_ContentInfo using an explicit library context.

Allocates the container with CMS_ContentInfo_new_ex(ctx) first, then decodes into it so that any internal algorithm fetches use ctx’s provider set.

Errors

pub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>

DER-encode this CMS_ContentInfo.

Errors

pub fn content_type_oid(&self) -> Oid

Return the content-type OID (the outer contentType field).

For SignedData this is OID 1.2.840.113549.1.7.2.

Panics

Panics if OpenSSL fails to allocate memory for the OID copy.

pub fn econtent_type_oid(&self) -> Oid

Return the encapsulated content type OID (eContentType).

For ordinary SignedData carrying arbitrary data this is typically data (OID 1.2.840.113549.1.7.1); PKINIT uses its own OIDs (id-pkinit-authData, id-pkinit-DHKeyData, etc.).

Panics

Panics if OpenSSL fails to allocate memory for the OID copy.

pub fn is_detached(&self) -> bool

Return true if the content is detached (not embedded in the structure).

pub fn content(&self) -> Option<Vec<u8>>

Return the raw encapsulated content bytes, or None if absent or detached.

pub fn signers(&self) -> Vec<CmsSignerInfo<'_>>

Return the list of signer infos (borrowed from this CmsContentInfo).

pub fn certs(&self) -> Vec<X509>

Return the certificates embedded in this CMS_ContentInfo.

CMS_get1_certs increments the reference count of each returned certificate; each X509 in the returned Vec owns an independent ref.

pub fn crls(&self) -> Vec<X509Crl>

Return the CRLs embedded in this CMS_ContentInfo.

pub fn verify( &self, store: &X509Store, certs: &[X509], flags: CmsVerifyFlags, ) -> Result<Vec<u8>, ErrorStack>

Verify the CMS SignedData, returning the encapsulated content on success.

• store — trust anchor store.
• certs — additional untrusted certificates to include in chain building.
• flags — verification control flags (see CmsVerifyFlags).

Errors

Returns Err if signature verification fails, the chain cannot be built, or the content is missing or malformed.

pub fn sign( cert: &X509, key: &Pkey<Private>, extra_certs: &[X509], content: &[u8], flags: CmsSignFlags, ) -> Result<Self, ErrorStack>

Create a CMS SignedData wrapping content.

• cert — signer certificate.
• key — corresponding private key.
• extra_certs — additional certificates to embed in the SignedData (e.g. intermediate CA certificates for chain building).
• content — the payload to sign.
• flags — sign control flags (see CmsSignFlags).

Errors

pub fn sign_in( ctx: &Arc<LibCtx>, cert: &X509, key: &Pkey<Private>, extra_certs: &[X509], content: &[u8], flags: CmsSignFlags, ) -> Result<Self, ErrorStack>

Create a CMS SignedData using an explicit library context.

Calls CMS_sign_ex so all algorithm fetches use ctx’s provider set.

Errors

Trait Implementations

impl Drop for CmsContentInfo

fn drop(&mut self)

Executes the destructor for this type.

impl Send for CmsContentInfo

impl Sync for CmsContentInfo