chickadee » cryptlib

Cryptlib

Author

Thomas Chust

Requirements

Pogramming Interface

The Scheme programming interface stays relatively close to the original one for C, with some added conveniences. Notable differences from the C interface are:

Exported Procedures

All the procedures do automatic error checking and may throw exceptions of the kind (exn crypt) with a code property holding the cryptlib error code.

add-random! RANDOM-DATA #!optional RANDOM-DATA-LENGTHprocedure
login NAME PASSWORDprocedure

Logs in with the given user NAME, sets the internal parameter for the current user and returns the cryptlib user object handle.

logoutprocedure

Logs the current user out and resets the internal parameter for the current user handle to UNUSED.

destroy-object HANDLEprocedure
open-device DEVICE-TYPE NAMEprocedure
query-capability ALGO #!optional DEVICEprocedure
query-object OBJECT-DATA #!optional OBJECT-DATA-LENGTHprocedure
create-context ALGO #!optional DEVICEprocedure
generate-key CONTEXTprocedure
encrypt CONTEXT BUFFER #!optional BUFFER-LENGTHprocedure
decrypt CONTEXT BUFFER #!optional BUFFER-LENGTHprocedure
attribute OBJECT ATTRIBUTE-TYPEprocedure
attribute/string OBJECT ATTRIBUTE-TYPEprocedure
attribute-set! OBJECT ATTRIBUTE-TYPE VALUEprocedure
(set! (attribute OBJECT ATTRIBUTE-TYPE) VALUE) => (void)syntax
attribute-set!/string OBJECT ATTRIBUTE-TYPE VALUEprocedure
(set! (attribute/string OBJECT ATTRIBUTE-TYPE) VALUE) => (void)syntax
attribute-delete! OBJECT ATTRIBUTE-TYPEprocedure
export-key EXPORT-KEY SESSION-KEY-CONTEXTprocedure
import-key IMPORT-CONTEXT SESSION-KEY-CONTEXT KEY-DATA #!optional KEY-DATA-LENGTHprocedure
(create-signature SIGN-CONTEXT HASH-CONTEXT [FORMAT-TYPE EXTRA-DATA]) => SIGNATURE-DATAprocedure
(check-signature SIG-CHECK-KEY HASH-CONTEXT SIGNATURE [SIGNATURE-LENGTH GET-EXTRA-DATA?]) => EXTRA-DATA | (void)procedure
open-keyset KEYSET-TYPE KEYSET-NAME #!optional KEYSET-OPTIONSprocedure
get-public-key KEYSET KEYID-TYPE KEYIDprocedure
get-private-key KEYSET KEYID-TYPE KEYID #!optional PASSWORDprocedure
get-key KEYSET KEYID-TYPE KEYID #!optional PASSWORDprocedure
add-public-key! KEYSET CERTIFICATEprocedure
add-private-key! KEYSET KEY PASSWORDprocedure
delete-key! OBJECT KEYID-TYPE KEYIDprocedure
create-cert CERT-TYPEprocedure
sign-cert! CERTIFICATE SIGN-CONTEXTprocedure
check-cert CERTIFICATE SIG-CHECK-KEYprocedure
export-cert CERT-FORMAT-TYPE CERTIFICATEprocedure
import-cert CERT-DATA #!optional CERT-DATA-LENGTHprocedure
ca-get-item KEYSET CERT-TYPE ID-TYPE IDprocedure
ca-add-item! KEYSET CERTIFICATEprocedure
ca-delete-item! KEYSET CERT-TYPE ID-TYPE IDprocedure
ca-cert-management ACTION KEYSET CA-KEY CERT-REQUEST #!optional GET-CERTIFICATE?procedure
create-envelope FORMAT-TYPEprocedure
create-session SESSION-TYPEprocedure
(push-data HANDLE BUFFER [BUFFER-LENGTH SILENT-EOF?]) => COPIED-LENGTHprocedure
(pop-data HANDLE BUFFER [BUFFER-LENGTH SILENT-EOF?]) => COPIED-LENGTHprocedure

Iff SILENT-EOF? is true, ERROR-READ or ERROR-WRITE conditions are not raised but rather cause a return value of #f.

flush-data HANDLEprocedure
object-port? VALUEprocedure

Checks whether a VALUE is a port wrapped around a cryptlib envelope or session object.

port->object PORTprocedure

Extracts the object handle from a port wrapping a cryptlib envelope or session object.

(open-input-object HANDLE [DESTROY-ON-CLOSE? EOF-WHEN-EMPTY?]) => PORTprocedure

Wraps a cryptlib envelope or session object into an input port. If DESTROY-ON-CLOSE? is true, closing the port causes disposal of the underlying object using destroy-object.

If EOF-WHEN-EMPTY? is true, the port will enter the end-of-file state as soon as pop-data returns zero, otherwise the port will enter the end-of-file state as soon as pop-data reports an ERROR-READ. The former behaviour is suitable for envelopes, the latter for sessions.

open-output-object HANDLE DESTROY-ON-CLOSE?procedure

Wraps a cryptlib envelope or session object into an output port. If DESTROY-ON-CLOSE? is true, closing the port causes disposal of the underlying object using destroy-object.

Exported Constants

ALGO-NONEconstant
ALGO-DESconstant
ALGO-3DESconstant
ALGO-IDEAconstant
ALGO-RC2constant
ALGO-RC4constant
ALGO-AESconstant
ALGO-DHconstant
ALGO-RSAconstant
ALGO-DSAconstant
ALGO-ELGAMALconstant
ALGO-ECDSAconstant
ALGO-ECDHconstant
ALGO-MD5constant
ALGO-SHA1constant
ALGO-SHA2constant
ALGO-SHAngconstant
ALGO-HMAC-SHA1constant
ALGO-HMAC-SHA2constant
ALGO-HMAC-SHAngconstant
ALGO-FIRST-CONVENTIONALconstant
ALGO-LAST-CONVENTIONALconstant
ALGO-FIRST-PKCconstant
ALGO-LAST-PKCconstant
ALGO-FIRST-HASHconstant
ALGO-LAST-HASHconstant
ALGO-FIRST-MACconstant
ALGO-LAST-MACconstant
MODE-NONEconstant
MODE-ECBconstant
MODE-CBCconstant
MODE-CFBconstant
MODE-GCMconstant
MODE-LASTconstant
KEYSET-NONEconstant
KEYSET-FILEconstant
KEYSET-HTTPconstant
KEYSET-LDAPconstant
KEYSET-ODBCconstant
KEYSET-DATABASEconstant
KEYSET-ODBC-STOREconstant
KEYSET-DATABASE-STOREconstant
KEYSET-LASTconstant
DEVICE-NONEconstant
DEVICE-FORTEZZAconstant
DEVICE-PKCS11constant
DEVICE-CRYPTOAPIconstant
DEVICE-HARDWAREconstant
DEVICE-LASTconstant
CERTTYPE-NONEconstant
CERTTYPE-CERTIFICATEconstant
CERTTYPE-ATTRIBUTE-CERTconstant
CERTTYPE-CERTCHAINconstant
CERTTYPE-CERTREQUESTconstant
CERTTYPE-REQUEST-CERTconstant
CERTTYPE-REQUEST-REVOCATIONconstant
CERTTYPE-CRLconstant
CERTTYPE-CMS-ATTRIBUTESconstant
CERTTYPE-RTCS-REQUESTconstant
CERTTYPE-RTCS-RESPONSEconstant
CERTTYPE-OCSP-REQUESTconstant
CERTTYPE-OCSP-RESPONSEconstant
CERTTYPE-PKIUSERconstant
CERTTYPE-LASTconstant
FORMAT-NONEconstant
FORMAT-AUTOconstant
FORMAT-CRYPTLIBconstant
FORMAT-CMSconstant
FORMAT-PKCS7constant
FORMAT-SMIMEconstant
FORMAT-PGPconstant
FORMAT-LASTconstant
SESSION-NONEconstant
SESSION-SSHconstant
SESSION-SSH-SERVERconstant
SESSION-SSLconstant
SESSION-SSL-SERVERconstant
SESSION-TLSconstant
SESSION-TLS-SERVERconstant
SESSION-RTCSconstant
SESSION-RTCS-SERVERconstant
SESSION-OCSPconstant
SESSION-OCSP-SERVERconstant
SESSION-TSPconstant
SESSION-TSP-SERVERconstant
SESSION-CMPconstant
SESSION-CMP-SERVERconstant
SESSION-SCEPconstant
SESSION-SCEP-SERVERconstant
SESSION-CERTSTORE-SERVERconstant
SESSION-LASTconstant
USER-NONEconstant
USER-NORMALconstant
USER-SOconstant
USER-CAconstant
USER-LASTconstant
ATTRIBUTE-NONEconstant
PROPERTY-HIGHSECURITYconstant
PROPERTY-OWNERconstant
PROPERTY-FORWARDCOUNTconstant
PROPERTY-LOCKEDconstant
PROPERTY-USAGECOUNTconstant
PROPERTY-NONEXPORTABLEconstant
ATTRIBUTE-ERRORTYPEconstant
ATTRIBUTE-ERRORLOCUSconstant
ATTRIBUTE-ERRORMESSAGEconstant
ATTRIBUTE-CURRENT-GROUPconstant
ATTRIBUTE-CURRENTconstant
ATTRIBUTE-CURRENT-INSTANCEconstant
ATTRIBUTE-BUFFERSIZEconstant
OPTION-INFO-DESCRIPTIONconstant
OPTION-INFO-MAJORVERSIONconstant
OPTION-INFO-MINORVERSIONconstant
OPTION-INFO-STEPPINGconstant
OPTION-ENCR-ALGOconstant
OPTION-ENCR-HASHconstant
OPTION-ENCR-MACconstant
OPTION-PKC-ALGOconstant
OPTION-PKC-KEYSIZEconstant
OPTION-SIG-ALGOconstant
OPTION-SIG-KEYSIZEconstant
OPTION-KEYING-ALGOconstant
OPTION-KEYING-ITERATIONSconstant
OPTION-CERT-SIGNUNRECOGNISEDATTRIBUTESconstant
OPTION-CERT-VALIDITYconstant
OPTION-CERT-UPDATEINTERVALconstant
OPTION-CERT-COMPLIANCELEVELconstant
OPTION-CMS-DEFAULTATTRIBUTESconstant
OPTION-SMIME-DEFAULTATTRIBUTESconstant
OPTION-KEYS-LDAP-OBJECTCLASSconstant
OPTION-KEYS-LDAP-OBJECTTYPEconstant
OPTION-KEYS-LDAP-FILTERconstant
OPTION-KEYS-LDAP-CACERTNAMEconstant
OPTION-KEYS-LDAP-CERTNAMEconstant
OPTION-KEYS-LDAP-CRLNAMEconstant
OPTION-KEYS-LDAP-EMAILNAMEconstant
OPTION-DEVICE-PKCS11-DVR01constant
OPTION-DEVICE-PKCS11-DVR02constant
OPTION-DEVICE-PKCS11-DVR03constant
OPTION-DEVICE-PKCS11-DVR04constant
OPTION-DEVICE-PKCS11-DVR05constant
OPTION-DEVICE-PKCS11-HARDWAREONLYconstant
OPTION-NET-SOCKS-SERVERconstant
OPTION-NET-SOCKS-USERNAMEconstant
OPTION-NET-HTTP-PROXYconstant
OPTION-NET-CONNECTTIMEOUTconstant
OPTION-NET-READTIMEOUTconstant
OPTION-NET-WRITETIMEOUTconstant
OPTION-MISC-ASYNCINITconstant
OPTION-MISC-SIDECHANNELPROTECTIONconstant
OPTION-CONFIGCHANGEDconstant
OPTION-SELFTESTOKconstant
CTXINFO-ALGOconstant
CTXINFO-MODEconstant
CTXINFO-NAME-ALGOconstant
CTXINFO-NAME-MODEconstant
CTXINFO-KEYSIZEconstant
CTXINFO-BLOCKSIZEconstant
CTXINFO-IVSIZEconstant
CTXINFO-KEYING-ALGOconstant
CTXINFO-KEYING-ITERATIONSconstant
CTXINFO-KEYING-SALTconstant
CTXINFO-KEYING-VALUEconstant
CTXINFO-KEYconstant
CTXINFO-KEY-COMPONENTSconstant
CTXINFO-IVconstant
CTXINFO-HASHVALUEconstant
CTXINFO-LABELconstant
CTXINFO-PERSISTENTconstant
CERTINFO-SELFSIGNEDconstant
CERTINFO-IMMUTABLEconstant
CERTINFO-XYZZYconstant
CERTINFO-CERTTYPEconstant
CERTINFO-FINGERPRINT-SHA1constant
CERTINFO-FINGERPRINT-SHA2constant
CERTINFO-FINGERPRINT-SHAngconstant
CERTINFO-CURRENT-CERTIFICATEconstant
CERTINFO-TRUSTED-USAGEconstant
CERTINFO-TRUSTED-IMPLICITconstant
CERTINFO-SIGNATURELEVELconstant
CERTINFO-VERSIONconstant
CERTINFO-SERIALNUMBERconstant
CERTINFO-SUBJECTPUBLICKEYINFOconstant
CERTINFO-CERTIFICATEconstant
CERTINFO-USERCERTIFICATEconstant
CERTINFO-CACERTIFICATEconstant
CERTINFO-ISSUERNAMEconstant
CERTINFO-VALIDFROMconstant
CERTINFO-VALIDTOconstant
CERTINFO-SUBJECTNAMEconstant
CERTINFO-ISSUERUNIQUEIDconstant
CERTINFO-SUBJECTUNIQUEIDconstant
CERTINFO-CERTREQUESTconstant
CERTINFO-THISUPDATEconstant
CERTINFO-NEXTUPDATEconstant
CERTINFO-REVOCATIONDATEconstant
CERTINFO-REVOCATIONSTATUSconstant
CERTINFO-CERTSTATUSconstant
CERTINFO-DNconstant
CERTINFO-PKIUSER-IDconstant
CERTINFO-PKIUSER-ISSUEPASSWORDconstant
CERTINFO-PKIUSER-REVPASSWORDconstant
CERTINFO-PKIUSER-RAconstant
CERTINFO-COUNTRYNAMEconstant
CERTINFO-STATEORPROVINCENAMEconstant
CERTINFO-LOCALITYNAMEconstant
CERTINFO-ORGANIZATIONNAMEconstant
CERTINFO-ORGANISATIONNAMEconstant
CERTINFO-ORGANIZATIONALUNITNAMEconstant
CERTINFO-ORGANISATIONALUNITNAMEconstant
CERTINFO-COMMONNAMEconstant
CERTINFO-OTHERNAME-TYPEIDconstant
CERTINFO-OTHERNAME-VALUEconstant
CERTINFO-RFC822NAMEconstant
CERTINFO-EMAILconstant
CERTINFO-DNSNAMEconstant
CERTINFO-DIRECTORYNAMEconstant
CERTINFO-EDIPARTYNAME-NAMEASSIGNERconstant
CERTINFO-EDIPARTYNAME-PARTYNAMEconstant
CERTINFO-UNIFORMRESOURCEIDENTIFIERconstant
CERTINFO-URLconstant
CERTINFO-IPADDRESSconstant
CERTINFO-REGISTEREDIDconstant
CERTINFO-CHALLENGEPASSWORDconstant
CERTINFO-CRLEXTREASONconstant
CERTINFO-KEYFEATURESconstant
CERTINFO-AUTHORITYINFOACCESSconstant
CERTINFO-AUTHORITYINFO-RTCSconstant
CERTINFO-AUTHORITYINFO-OCSPconstant
CERTINFO-AUTHORITYINFO-CAISSUERSconstant
CERTINFO-AUTHORITYINFO-CERTSTOREconstant
CERTINFO-AUTHORITYINFO-CRLSconstant
CERTINFO-BIOMETRICINFOconstant
CERTINFO-BIOMETRICINFO-TYPEconstant
CERTINFO-BIOMETRICINFO-HASHALGOconstant
CERTINFO-BIOMETRICINFO-HASHconstant
CERTINFO-BIOMETRICINFO-URLconstant
CERTINFO-QCSTATEMENTconstant
CERTINFO-QCSTATEMENT-SEMANTICSconstant
CERTINFO-QCSTATEMENT-REGISTRATIONAUTHORITYconstant
CERTINFO-IPADDRESSBLOCKSconstant
CERTINFO-IPADDRESSBLOCKS-ADDRESSFAMILYconstant
CERTINFO-IPADDRESSBLOCKS-PREFIXconstant
CERTINFO-IPADDRESSBLOCKS-MINconstant
CERTINFO-IPADDRESSBLOCKS-MAXconstant
CERTINFO-AUTONOMOUSSYSIDSconstant
CERTINFO-AUTONOMOUSSYSIDS-ASNUM-IDconstant
CERTINFO-AUTONOMOUSSYSIDS-ASNUM-MINconstant
CERTINFO-AUTONOMOUSSYSIDS-ASNUM-MAXconstant
CERTINFO-OCSP-NONCEconstant
CERTINFO-OCSP-RESPONSEconstant
CERTINFO-OCSP-RESPONSE-OCSPconstant
CERTINFO-OCSP-NOCHECKconstant
CERTINFO-OCSP-ARCHIVECUTOFFconstant
CERTINFO-SUBJECTINFOACCESSconstant
CERTINFO-SUBJECTINFO-CAREPOSITORYconstant
CERTINFO-SUBJECTINFO-TIMESTAMPINGconstant
CERTINFO-SUBJECTINFO-SIGNEDOBJECTREPOSITORYconstant
CERTINFO-SUBJECTINFO-RPKIMANIFESTconstant
CERTINFO-SUBJECTINFO-SIGNEDOBJECTconstant
CERTINFO-SIGG-DATEOFCERTGENconstant
CERTINFO-SIGG-PROCURATIONconstant
CERTINFO-SIGG-PROCURE-COUNTRYconstant
CERTINFO-SIGG-PROCURE-TYPEOFSUBSTITUTIONconstant
CERTINFO-SIGG-PROCURE-SIGNINGFORconstant
CERTINFO-SIGG-ADMISSIONSconstant
CERTINFO-SIGG-ADMISSIONS-AUTHORITYconstant
CERTINFO-SIGG-ADMISSIONS-NAMINGAUTHIDconstant
CERTINFO-SIGG-ADMISSIONS-NAMINGAUTHURLconstant
CERTINFO-SIGG-ADMISSIONS-NAMINGAUTHTEXTconstant
CERTINFO-SIGG-ADMISSIONS-PROFESSIONITEMconstant
CERTINFO-SIGG-ADMISSIONS-PROFESSIONOIDconstant
CERTINFO-SIGG-ADMISSIONS-REGISTRATIONNUMBERconstant
CERTINFO-SIGG-MONETARYLIMITconstant
CERTINFO-SIGG-MONETARY-CURRENCYconstant
CERTINFO-SIGG-MONETARY-AMOUNTconstant
CERTINFO-SIGG-MONETARY-EXPONENTconstant
CERTINFO-SIGG-DECLARATIONOFMAJORITYconstant
CERTINFO-SIGG-DECLARATIONOFMAJORITY-COUNTRYconstant
CERTINFO-SIGG-RESTRICTIONconstant
CERTINFO-SIGG-CERTHASHconstant
CERTINFO-SIGG-ADDITIONALINFORMATIONconstant
CERTINFO-STRONGEXTRANETconstant
CERTINFO-STRONGEXTRANET-ZONEconstant
CERTINFO-STRONGEXTRANET-IDconstant
CERTINFO-SUBJECTDIRECTORYATTRIBUTESconstant
CERTINFO-SUBJECTDIR-TYPEconstant
CERTINFO-SUBJECTDIR-VALUESconstant
CERTINFO-SUBJECTKEYIDENTIFIERconstant
CERTINFO-KEYUSAGEconstant
CERTINFO-PRIVATEKEYUSAGEPERIODconstant
CERTINFO-PRIVATEKEY-NOTBEFOREconstant
CERTINFO-PRIVATEKEY-NOTAFTERconstant
CERTINFO-SUBJECTALTNAMEconstant
CERTINFO-ISSUERALTNAMEconstant
CERTINFO-BASICCONSTRAINTSconstant
CERTINFO-CAconstant
CERTINFO-AUTHORITYconstant
CERTINFO-PATHLENCONSTRAINTconstant
CERTINFO-CRLNUMBERconstant
CERTINFO-CRLREASONconstant
CERTINFO-HOLDINSTRUCTIONCODEconstant
CERTINFO-INVALIDITYDATEconstant
CERTINFO-DELTACRLINDICATORconstant
CERTINFO-ISSUINGDISTRIBUTIONPOINTconstant
CERTINFO-ISSUINGDIST-FULLNAMEconstant
CERTINFO-ISSUINGDIST-USERCERTSONLYconstant
CERTINFO-ISSUINGDIST-CACERTSONLYconstant
CERTINFO-ISSUINGDIST-SOMEREASONSONLYconstant
CERTINFO-ISSUINGDIST-INDIRECTCRLconstant
CERTINFO-CERTIFICATEISSUERconstant
CERTINFO-NAMECONSTRAINTSconstant
CERTINFO-PERMITTEDSUBTREESconstant
CERTINFO-EXCLUDEDSUBTREESconstant
CERTINFO-CRLDISTRIBUTIONPOINTconstant
CERTINFO-CRLDIST-FULLNAMEconstant
CERTINFO-CRLDIST-REASONSconstant
CERTINFO-CRLDIST-CRLISSUERconstant
CERTINFO-CERTIFICATEPOLICIESconstant
CERTINFO-CERTPOLICYIDconstant
CERTINFO-CERTPOLICY-CPSURIconstant
CERTINFO-CERTPOLICY-ORGANIZATIONconstant
CERTINFO-CERTPOLICY-NOTICENUMBERSconstant
CERTINFO-CERTPOLICY-EXPLICITTEXTconstant
CERTINFO-POLICYMAPPINGSconstant
CERTINFO-ISSUERDOMAINPOLICYconstant
CERTINFO-SUBJECTDOMAINPOLICYconstant
CERTINFO-AUTHORITYKEYIDENTIFIERconstant
CERTINFO-AUTHORITY-KEYIDENTIFIERconstant
CERTINFO-AUTHORITY-CERTISSUERconstant
CERTINFO-AUTHORITY-CERTSERIALNUMBERconstant
CERTINFO-POLICYCONSTRAINTSconstant
CERTINFO-REQUIREEXPLICITPOLICYconstant
CERTINFO-INHIBITPOLICYMAPPINGconstant
CERTINFO-EXTKEYUSAGEconstant
CERTINFO-EXTKEY-MS-INDIVIDUALCODESIGNINGconstant
CERTINFO-EXTKEY-MS-COMMERCIALCODESIGNINGconstant
CERTINFO-EXTKEY-MS-CERTTRUSTLISTSIGNINGconstant
CERTINFO-EXTKEY-MS-TIMESTAMPSIGNINGconstant
CERTINFO-EXTKEY-MS-SERVERGATEDCRYPTOconstant
CERTINFO-EXTKEY-MS-ENCRYPTEDFILESYSTEMconstant
CERTINFO-EXTKEY-SERVERAUTHconstant
CERTINFO-EXTKEY-CLIENTAUTHconstant
CERTINFO-EXTKEY-CODESIGNINGconstant
CERTINFO-EXTKEY-EMAILPROTECTIONconstant
CERTINFO-EXTKEY-IPSECENDSYSTEMconstant
CERTINFO-EXTKEY-IPSECTUNNELconstant
CERTINFO-EXTKEY-IPSECUSERconstant
CERTINFO-EXTKEY-TIMESTAMPINGconstant
CERTINFO-EXTKEY-OCSPSIGNINGconstant
CERTINFO-EXTKEY-DIRECTORYSERVICEconstant
CERTINFO-EXTKEY-ANYKEYUSAGEconstant
CERTINFO-EXTKEY-NS-SERVERGATEDCRYPTOconstant
CERTINFO-EXTKEY-VS-SERVERGATEDCRYPTO-CAconstant
CERTINFO-CRLSTREAMIDENTIFIERconstant
CERTINFO-FRESHESTCRLconstant
CERTINFO-FRESHESTCRL-FULLNAMEconstant
CERTINFO-FRESHESTCRL-REASONSconstant
CERTINFO-FRESHESTCRL-CRLISSUERconstant
CERTINFO-ORDEREDLISTconstant
CERTINFO-BASEUPDATETIMEconstant
CERTINFO-DELTAINFOconstant
CERTINFO-DELTAINFO-LOCATIONconstant
CERTINFO-DELTAINFO-NEXTDELTAconstant
CERTINFO-INHIBITANYPOLICYconstant
CERTINFO-TOBEREVOKEDconstant
CERTINFO-TOBEREVOKED-CERTISSUERconstant
CERTINFO-TOBEREVOKED-REASONCODEconstant
CERTINFO-TOBEREVOKED-REVOCATIONTIMEconstant
CERTINFO-TOBEREVOKED-CERTSERIALNUMBERconstant
CERTINFO-REVOKEDGROUPSconstant
CERTINFO-REVOKEDGROUPS-CERTISSUERconstant
CERTINFO-REVOKEDGROUPS-REASONCODEconstant
CERTINFO-REVOKEDGROUPS-INVALIDITYDATEconstant
CERTINFO-REVOKEDGROUPS-STARTINGNUMBERconstant
CERTINFO-REVOKEDGROUPS-ENDINGNUMBERconstant
CERTINFO-EXPIREDCERTSONCRLconstant
CERTINFO-AAISSUINGDISTRIBUTIONPOINTconstant
CERTINFO-AAISSUINGDIST-FULLNAMEconstant
CERTINFO-AAISSUINGDIST-SOMEREASONSONLYconstant
CERTINFO-AAISSUINGDIST-INDIRECTCRLconstant
CERTINFO-AAISSUINGDIST-USERATTRCERTSconstant
CERTINFO-AAISSUINGDIST-AACERTSconstant
CERTINFO-AAISSUINGDIST-SOACERTSconstant
CERTINFO-NS-CERTTYPEconstant
CERTINFO-NS-BASEURLconstant
CERTINFO-NS-REVOCATIONURLconstant
CERTINFO-NS-CAREVOCATIONURLconstant
CERTINFO-NS-CERTRENEWALURLconstant
CERTINFO-NS-CAPOLICYURLconstant
CERTINFO-NS-SSLSERVERNAMEconstant
CERTINFO-NS-COMMENTconstant
CERTINFO-SET-HASHEDROOTKEYconstant
CERTINFO-SET-ROOTKEYTHUMBPRINTconstant
CERTINFO-SET-CERTIFICATETYPEconstant
CERTINFO-SET-MERCHANTDATAconstant
CERTINFO-SET-MERIDconstant
CERTINFO-SET-MERACQUIRERBINconstant
CERTINFO-SET-MERCHANTLANGUAGEconstant
CERTINFO-SET-MERCHANTNAMEconstant
CERTINFO-SET-MERCHANTCITYconstant
CERTINFO-SET-MERCHANTSTATEPROVINCEconstant
CERTINFO-SET-MERCHANTPOSTALCODEconstant
CERTINFO-SET-MERCHANTCOUNTRYNAMEconstant
CERTINFO-SET-MERCOUNTRYconstant
CERTINFO-SET-MERAUTHFLAGconstant
CERTINFO-SET-CERTCARDREQUIREDconstant
CERTINFO-SET-TUNNELINGconstant
CERTINFO-SET-TUNNELLINGconstant
CERTINFO-SET-TUNNELINGFLAGconstant
CERTINFO-SET-TUNNELLINGFLAGconstant
CERTINFO-SET-TUNNELINGALGIDconstant
CERTINFO-SET-TUNNELLINGALGIDconstant
CERTINFO-CMS-CONTENTTYPEconstant
CERTINFO-CMS-MESSAGEDIGESTconstant
CERTINFO-CMS-SIGNINGTIMEconstant
CERTINFO-CMS-COUNTERSIGNATUREconstant
CERTINFO-CMS-SIGNINGDESCRIPTIONconstant
CERTINFO-CMS-SMIMECAPABILITIESconstant
CERTINFO-CMS-SMIMECAP-3DESconstant
CERTINFO-CMS-SMIMECAP-AESconstant
CERTINFO-CMS-SMIMECAP-CAST128constant
CERTINFO-CMS-SMIMECAP-SHAngconstant
CERTINFO-CMS-SMIMECAP-SHA2constant
CERTINFO-CMS-SMIMECAP-SHA1constant
CERTINFO-CMS-SMIMECAP-HMAC-SHAngconstant
CERTINFO-CMS-SMIMECAP-HMAC-SHA2constant
CERTINFO-CMS-SMIMECAP-HMAC-SHA1constant
CERTINFO-CMS-SMIMECAP-AUTHENC256constant
CERTINFO-CMS-SMIMECAP-AUTHENC128constant
CERTINFO-CMS-SMIMECAP-RSA-SHAngconstant
CERTINFO-CMS-SMIMECAP-RSA-SHA2constant
CERTINFO-CMS-SMIMECAP-RSA-SHA1constant
CERTINFO-CMS-SMIMECAP-DSA-SHA1constant
CERTINFO-CMS-SMIMECAP-ECDSA-SHAngconstant
CERTINFO-CMS-SMIMECAP-ECDSA-SHA2constant
CERTINFO-CMS-SMIMECAP-ECDSA-SHA1constant
CERTINFO-CMS-SMIMECAP-PREFERSIGNEDDATAconstant
CERTINFO-CMS-SMIMECAP-CANNOTDECRYPTANYconstant
CERTINFO-CMS-SMIMECAP-PREFERBINARYINSIDEconstant
CERTINFO-CMS-RECEIPTREQUESTconstant
CERTINFO-CMS-RECEIPT-CONTENTIDENTIFIERconstant
CERTINFO-CMS-RECEIPT-FROMconstant
CERTINFO-CMS-RECEIPT-TOconstant
CERTINFO-CMS-SECURITYLABELconstant
CERTINFO-CMS-SECLABEL-CLASSIFICATIONconstant
CERTINFO-CMS-SECLABEL-POLICYconstant
CERTINFO-CMS-SECLABEL-PRIVACYMARKconstant
CERTINFO-CMS-SECLABEL-CATTYPEconstant
CERTINFO-CMS-SECLABEL-CATVALUEconstant
CERTINFO-CMS-MLEXPANSIONHISTORYconstant
CERTINFO-CMS-MLEXP-ENTITYIDENTIFIERconstant
CERTINFO-CMS-MLEXP-TIMEconstant
CERTINFO-CMS-MLEXP-NONEconstant
CERTINFO-CMS-MLEXP-INSTEADOFconstant
CERTINFO-CMS-MLEXP-INADDITIONTOconstant
CERTINFO-CMS-CONTENTHINTSconstant
CERTINFO-CMS-CONTENTHINT-DESCRIPTIONconstant
CERTINFO-CMS-CONTENTHINT-TYPEconstant
CERTINFO-CMS-EQUIVALENTLABELconstant
CERTINFO-CMS-EQVLABEL-POLICYconstant
CERTINFO-CMS-EQVLABEL-CLASSIFICATIONconstant
CERTINFO-CMS-EQVLABEL-PRIVACYMARKconstant
CERTINFO-CMS-EQVLABEL-CATTYPEconstant
CERTINFO-CMS-EQVLABEL-CATVALUEconstant
CERTINFO-CMS-SIGNINGCERTIFICATEconstant
CERTINFO-CMS-SIGNINGCERT-ESSCERTIDconstant
CERTINFO-CMS-SIGNINGCERT-POLICIESconstant
CERTINFO-CMS-SIGNINGCERTIFICATEV2constant
CERTINFO-CMS-SIGNINGCERTV2-ESSCERTIDV2constant
CERTINFO-CMS-SIGNINGCERTV2-POLICIESconstant
CERTINFO-CMS-SIGNATUREPOLICYIDconstant
CERTINFO-CMS-SIGPOLICYIDconstant
CERTINFO-CMS-SIGPOLICYHASHconstant
CERTINFO-CMS-SIGPOLICY-CPSURIconstant
CERTINFO-CMS-SIGPOLICY-ORGANIZATIONconstant
CERTINFO-CMS-SIGPOLICY-NOTICENUMBERSconstant
CERTINFO-CMS-SIGPOLICY-EXPLICITTEXTconstant
CERTINFO-CMS-SIGTYPEIDENTIFIERconstant
CERTINFO-CMS-SIGTYPEID-ORIGINATORSIGconstant
CERTINFO-CMS-SIGTYPEID-DOMAINSIGconstant
CERTINFO-CMS-SIGTYPEID-ADDITIONALATTRIBUTESconstant
CERTINFO-CMS-SIGTYPEID-REVIEWSIGconstant
CERTINFO-CMS-NONCEconstant
CERTINFO-SCEP-MESSAGETYPEconstant
CERTINFO-SCEP-PKISTATUSconstant
CERTINFO-SCEP-FAILINFOconstant
CERTINFO-SCEP-SENDERNONCEconstant
CERTINFO-SCEP-RECIPIENTNONCEconstant
CERTINFO-SCEP-TRANSACTIONIDconstant
CERTINFO-CMS-SPCAGENCYINFOconstant
CERTINFO-CMS-SPCAGENCYURLconstant
CERTINFO-CMS-SPCSTATEMENTTYPEconstant
CERTINFO-CMS-SPCSTMT-INDIVIDUALCODESIGNINGconstant
CERTINFO-CMS-SPCSTMT-COMMERCIALCODESIGNINGconstant
CERTINFO-CMS-SPCOPUSINFOconstant
CERTINFO-CMS-SPCOPUSINFO-NAMEconstant
CERTINFO-CMS-SPCOPUSINFO-URLconstant
KEYINFO-QUERYconstant
KEYINFO-QUERY-REQUESTSconstant
DEVINFO-INITIALISEconstant
DEVINFO-INITIALIZEconstant
DEVINFO-AUTHENT-USERconstant
DEVINFO-AUTHENT-SUPERVISORconstant
DEVINFO-SET-AUTHENT-USERconstant
DEVINFO-SET-AUTHENT-SUPERVISORconstant
DEVINFO-ZEROISEconstant
DEVINFO-ZEROIZEconstant
DEVINFO-LOGGEDINconstant
DEVINFO-LABELconstant
ENVINFO-DATASIZEconstant
ENVINFO-COMPRESSIONconstant
ENVINFO-CONTENTTYPEconstant
ENVINFO-DETACHEDSIGNATUREconstant
ENVINFO-SIGNATURE-RESULTconstant
ENVINFO-INTEGRITYconstant
ENVINFO-PASSWORDconstant
ENVINFO-KEYconstant
ENVINFO-SIGNATUREconstant
ENVINFO-SIGNATURE-EXTRADATAconstant
ENVINFO-RECIPIENTconstant
ENVINFO-PUBLICKEYconstant
ENVINFO-PRIVATEKEYconstant
ENVINFO-PRIVATEKEY-LABELconstant
ENVINFO-ORIGINATORconstant
ENVINFO-SESSIONKEYconstant
ENVINFO-HASHconstant
ENVINFO-TIMESTAMPconstant
ENVINFO-KEYSET-SIGCHECKconstant
ENVINFO-KEYSET-ENCRYPTconstant
ENVINFO-KEYSET-DECRYPTconstant
SESSINFO-ACTIVEconstant
SESSINFO-CONNECTIONACTIVEconstant
SESSINFO-USERNAMEconstant
SESSINFO-PASSWORDconstant
SESSINFO-PRIVATEKEYconstant
SESSINFO-KEYSETconstant
SESSINFO-AUTHRESPONSEconstant
SESSINFO-SERVER-NAMEconstant
SESSINFO-SERVER-PORTconstant
SESSINFO-SERVER-FINGERPRINT-SHA1constant
SESSINFO-CLIENT-NAMEconstant
SESSINFO-CLIENT-PORTconstant
SESSINFO-SESSIONconstant
SESSINFO-NETWORKSOCKETconstant
SESSINFO-VERSIONconstant
SESSINFO-REQUESTconstant
SESSINFO-RESPONSEconstant
SESSINFO-CACERTIFICATEconstant
SESSINFO-TSP-MSGIMPRINTconstant
SESSINFO-CMP-REQUESTTYPEconstant
SESSINFO-CMP-PRIVKEYSETconstant
SESSINFO-SSH-CHANNELconstant
SESSINFO-SSH-CHANNEL-TYPEconstant
SESSINFO-SSH-CHANNEL-ARG1constant
SESSINFO-SSH-CHANNEL-ARG2constant
SESSINFO-SSH-CHANNEL-ACTIVEconstant
SESSINFO-SSL-OPTIONSconstant
USERINFO-PASSWORDconstant
USERINFO-CAKEY-CERTSIGNconstant
USERINFO-CAKEY-CRLSIGNconstant
USERINFO-CAKEY-RTCSSIGNconstant
USERINFO-CAKEY-OCSPSIGNconstant
KEYUSAGE-NONEconstant
KEYUSAGE-DIGITALSIGNATUREconstant
KEYUSAGE-NONREPUDIATIONconstant
KEYUSAGE-KEYENCIPHERMENTconstant
KEYUSAGE-DATAENCIPHERMENTconstant
KEYUSAGE-KEYAGREEMENTconstant
KEYUSAGE-KEYCERTSIGNconstant
KEYUSAGE-CRLSIGNconstant
KEYUSAGE-ENCIPHERONLYconstant
KEYUSAGE-DECIPHERONLYconstant
KEYUSAGE-LASTconstant
CRLREASON-UNSPECIFIEDconstant
CRLREASON-KEYCOMPROMISEconstant
CRLREASON-CACOMPROMISEconstant
CRLREASON-AFFILIATIONCHANGEDconstant
CRLREASON-SUPERSEDEDconstant
CRLREASON-CESSATIONOFOPERATIONconstant
CRLREASON-CERTIFICATEHOLDconstant
CRLREASON-REMOVEFROMCRLconstant
CRLREASON-PRIVILEGEWITHDRAWNconstant
CRLREASON-AACOMPROMISEconstant
CRLREASON-LASTconstant
CRLREASON-NEVERVALIDconstant
CRLEXTREASON-LASTconstant
CRLREASONFLAG-UNUSEDconstant
CRLREASONFLAG-KEYCOMPROMISEconstant
CRLREASONFLAG-CACOMPROMISEconstant
CRLREASONFLAG-AFFILIATIONCHANGEDconstant
CRLREASONFLAG-SUPERSEDEDconstant
CRLREASONFLAG-CESSATIONOFOPERATIONconstant
CRLREASONFLAG-CERTIFICATEHOLDconstant
CRLREASONFLAG-LASTconstant
HOLDINSTRUCTION-NONEconstant
HOLDINSTRUCTION-CALLISSUERconstant
HOLDINSTRUCTION-REJECTconstant
HOLDINSTRUCTION-PICKUPTOKENconstant
HOLDINSTRUCTION-LASTconstant
COMPLIANCELEVEL-OBLIVIOUSconstant
COMPLIANCELEVEL-REDUCEDconstant
COMPLIANCELEVEL-STANDARDconstant
COMPLIANCELEVEL-PKIX-PARTIALconstant
COMPLIANCELEVEL-PKIX-FULLconstant
COMPLIANCELEVEL-LASTconstant
NS-CERTTYPE-SSLCLIENTconstant
NS-CERTTYPE-SSLSERVERconstant
NS-CERTTYPE-SMIMEconstant
NS-CERTTYPE-OBJECTSIGNINGconstant
NS-CERTTYPE-SSLCAconstant
NS-CERTTYPE-SMIMECAconstant
NS-CERTTYPE-OBJECTSIGNINGCAconstant
NS-CERTTYPE-LASTconstant
SET-CERTTYPE-CARDconstant
SET-CERTTYPE-MERconstant
SET-CERTTYPE-PGWYconstant
SET-CERTTYPE-CCAconstant
SET-CERTTYPE-MCAconstant
SET-CERTTYPE-PCAconstant
SET-CERTTYPE-GCAconstant
SET-CERTTYPE-BCAconstant
SET-CERTTYPE-RCAconstant
SET-CERTTYPE-ACQconstant
SET-CERTTYPE-LASTconstant
CONTENT-NONEconstant
CONTENT-DATAconstant
CONTENT-SIGNEDDATAconstant
CONTENT-ENVELOPEDDATAconstant
CONTENT-SIGNEDANDENVELOPEDDATAconstant
CONTENT-DIGESTEDDATAconstant
CONTENT-ENCRYPTEDDATAconstant
CONTENT-COMPRESSEDDATAconstant
CONTENT-AUTHDATAconstant
CONTENT-AUTHENVDATAconstant
CONTENT-TSTINFOconstant
CONTENT-SPCINDIRECTDATACONTEXTconstant
CONTENT-RTCSREQUESTconstant
CONTENT-RTCSRESPONSEconstant
CONTENT-RTCSRESPONSE-EXTconstant
CONTENT-MRTDconstant
CONTENT-LASTconstant
CLASSIFICATION-UNMARKEDconstant
CLASSIFICATION-UNCLASSIFIEDconstant
CLASSIFICATION-RESTRICTEDconstant
CLASSIFICATION-CONFIDENTIALconstant
CLASSIFICATION-SECRETconstant
CLASSIFICATION-TOP-SECRETconstant
CLASSIFICATION-LASTconstant
CERTSTATUS-VALIDconstant
CERTSTATUS-NOTVALIDconstant
CERTSTATUS-NONAUTHORITATIVEconstant
CERTSTATUS-UNKNOWNconstant
OCSPSTATUS-NOTREVOKEDconstant
OCSPSTATUS-REVOKEDconstant
OCSPSTATUS-UNKNOWNconstant
SIGNATURELEVEL-NONEconstant
SIGNATURELEVEL-SIGNERCERTconstant
SIGNATURELEVEL-ALLconstant
SIGNATURELEVEL-LASTconstant
INTEGRITY-NONEconstant
INTEGRITY-MACONLYconstant
INTEGRITY-FULLconstant
CERTFORMAT-NONEconstant
CERTFORMAT-CERTIFICATEconstant
CERTFORMAT-CERTCHAINconstant
CERTFORMAT-TEXT-CERTIFICATEconstant
CERTFORMAT-TEXT-CERTCHAINconstant
CERTFORMAT-XML-CERTIFICATEconstant
CERTFORMAT-XML-CERTCHAINconstant
CERTFORMAT-LASTconstant
REQUESTTYPE-NONEconstant
REQUESTTYPE-INITIALISATIONconstant
REQUESTTYPE-INITIALIZATIONconstant
REQUESTTYPE-CERTIFICATEconstant
REQUESTTYPE-KEYUPDATEconstant
REQUESTTYPE-REVOCATIONconstant
REQUESTTYPE-PKIBOOTconstant
REQUESTTYPE-LASTconstant
KEYID-NONEconstant
KEYID-NAMEconstant
KEYID-URIconstant
KEYID-EMAILconstant
KEYID-LASTconstant
OBJECT-NONEconstant
OBJECT-ENCRYPTED-KEYconstant
OBJECT-PKCENCRYPTED-KEYconstant
OBJECT-KEYAGREEMENTconstant
OBJECT-SIGNATUREconstant
OBJECT-LASTconstant
ERRTYPE-NONEconstant
ERRTYPE-ATTR-SIZEconstant
ERRTYPE-ATTR-VALUEconstant
ERRTYPE-ATTR-ABSENTconstant
ERRTYPE-ATTR-PRESENTconstant
ERRTYPE-CONSTRAINTconstant
ERRTYPE-ISSUERCONSTRAINTconstant
ERRTYPE-LASTconstant
CERTACTION-NONEconstant
CERTACTION-CREATEconstant
CERTACTION-CONNECTconstant
CERTACTION-DISCONNECTconstant
CERTACTION-ERRORconstant
CERTACTION-ADDUSERconstant
CERTACTION-DELETEUSERconstant
CERTACTION-REQUEST-CERTconstant
CERTACTION-REQUEST-RENEWALconstant
CERTACTION-REQUEST-REVOCATIONconstant
CERTACTION-CERT-CREATIONconstant
CERTACTION-CERT-CREATION-COMPLETEconstant
CERTACTION-CERT-CREATION-DROPconstant
CERTACTION-CERT-CREATION-REVERSEconstant
CERTACTION-RESTART-CLEANUPconstant
CERTACTION-RESTART-REVOKE-CERTconstant
CERTACTION-ISSUE-CERTconstant
CERTACTION-ISSUE-CRLconstant
CERTACTION-REVOKE-CERTconstant
CERTACTION-EXPIRE-CERTconstant
CERTACTION-CLEANUPconstant
CERTACTION-LASTconstant
SSLOPTION-NONEconstant
SSLOPTION-MINVER-SSLV3constant
SSLOPTION-MINVER-TLS10constant
SSLOPTION-MINVER-TLS11constant
SSLOPTION-MINVER-TLS12constant
SSLOPTION-MINVER-TLS13constant
SSLOPTION-MANUAL-CERTCHECKconstant
SSLOPTION-DISABLE-NAMEVERIFYconstant
SSLOPTION-DISABLE-CERTVERIFYconstant
SSLOPTION-SUITEB-128constant
SSLOPTION-SUITEB-256constant
MAX-KEYSIZEconstant
MAX-IVSIZEconstant
MAX-PKCSIZEconstant
MAX-PKCSIZE-ECCconstant
MAX-HASHSIZEconstant
MAX-TEXTSIZEconstant
USE-DEFAULTconstant
UNUSEDconstant
KEYTYPE-PRIVATEconstant
KEYTYPE-PUBLICconstant
RANDOM-FASTPOLLconstant
RANDOM-SLOWPOLLconstant
CURSOR-FIRSTconstant
CURSOR-PREVIOUSconstant
CURSOR-NEXTconstant
CURSOR-LASTconstant
KEYOPT-NONEconstant
KEYOPT-READONLYconstant
KEYOPT-CREATEconstant
KEYOPT-LASTconstant
OKconstant
ERROR-PARAM1constant
ERROR-PARAM2constant
ERROR-PARAM3constant
ERROR-PARAM4constant
ERROR-PARAM5constant
ERROR-PARAM6constant
ERROR-PARAM7constant
ERROR-MEMORYconstant
ERROR-NOTINITEDconstant
ERROR-INITEDconstant
ERROR-NOSECUREconstant
ERROR-RANDOMconstant
ERROR-FAILEDconstant
ERROR-INTERNALconstant
ERROR-NOTAVAILconstant
ERROR-PERMISSIONconstant
ERROR-WRONGKEYconstant
ERROR-INCOMPLETEconstant
ERROR-COMPLETEconstant
ERROR-TIMEOUTconstant
ERROR-INVALIDconstant
ERROR-SIGNALLEDconstant
ERROR-OVERFLOWconstant
ERROR-UNDERFLOWconstant
ERROR-BADDATAconstant
ERROR-SIGNATUREconstant
ERROR-OPENconstant
ERROR-READconstant
ERROR-WRITEconstant
ERROR-NOTFOUNDconstant
ERROR-DUPLICATEconstant
ENVELOPE-RESOURCEconstant

Additional Documentation

For information about the functions of the underlying C library, consult the reference guide that can be downloaded from its homepage. The repository site contains some documentation, too.

License

 Copyright (C) 2011 Thomas Chust <chust@web.de>.  All rights reserved.
 
 Permission is hereby granted, free of charge, to any person
 obtaining a copy of this software and associated documentation files
 (the Software), to deal in the Software without restriction,
 including without limitation the rights to use, copy, modify, merge,
 publish, distribute, sublicense, and/or sell copies of the Software,
 and to permit persons to whom the Software is furnished to do so,
 subject to the following conditions:
 
 The above copyright notice and this permission notice shall be
 included in all copies or substantial portions of the Software.
 
 THE SOFTWARE IS PROVIDED ASIS, WITHOUT WARRANTY OF ANY KIND, EXPRESS
 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.

Contents »