scp home

Home    CertX ActiveX Online Help Prev Next
Introduction
License
Certificate Request functions
csr_new
csr_export_to_file
csr_export
csr_sign
x.509 functions
x509_check_private_key
x509_checkpurpose
x509_export
x509_export_to_file
x509_free
x509_read
x509_parse
PKCS7 functions
pkcs7_decrypt
pkcs7_encrypt
pkcs7_sign
pkcs7_verify
RSA
pkey_new
pkey_export
pkey_export_to_file
pkey_get_public
pkey_get_private
public_encrypt
private_decrypt
open (decrypt)
seal (encrypt)
sign
verify
PKCS7 Constants

PKCS7 Constants

ConstantDescription
PKCS7_TEXTAdds text/plain content type headers to encrypted/signed message. If decrypting or verifying, it strips those headers from the output - if the decrypted or verified message is not of MIME type text/plain then an error will occur.
PKCS7_BINARYNormally the input message is converted to "canonical" format which is effectively using CR and LF as end of line: as required by the S/MIME specification. When this options is present, no translation occurs. This is useful when handling binary data which may not be in MIME format.
PKCS7_NOINTERNWhen verifying a message, certificates (if any) included in the message are normally searched for the signing certificate. With this option only the certificates specified in the extracerts parameter of pkcs7_verify() are used. The supplied certificates can still be used as untrusted CAs however.
PKCS7_NOVERIFYDo not verify the signers certificate of a signed message.
PKCS7_NOCHAINDo not chain verification of signers certificates: that is don't use the certificates in the signed message as untrusted CAs.
PKCS7_NOCERTSWhen signing a message the signer's certificate is normally included - with this option it is excluded. This will reduce the size of the signed message but the verifier must have a copy of the signers certificate available locally (passed using the extracerts to pkcs7_verify() for example).
PKCS7_NOATTRNormally when a message is signed, a set of attributes are included which include the signing time and the supported symmetric algorithms. With this option they are not included.
PKCS7_DETACHEDWhen signing a message, use cleartext signing with the MIME type multipart/signed. This is the default if you do not specify any flags to pkcs7_sign(). If you turn this option off, the message will be signed using opaque signing, which is more resistant to translation by mail relays but cannot be read by mail agents that do not support S/MIME.
PKCS7_NOSIGSDon't try and verify the signatures on a message

(c) Activecrypt Software LLC, 2004

 

Browser Based Help. Published by chm2web software.