S/MIME capabilities

These functions allow for S/MIME capability manipulation of certificates.

These capabilities are an extension to the X.509 standard to accomodate the S/MIME capabilities that a given message recipient has. They are included in the certificate so the message sender has a way to know about them (see RFC 4262 and its references for details).

Each capability is a tuple with an unique OID key¹ plus a data binary string.

CST_set_capability

int CST_set_capability ( CST * st, const cst_t_seqnum certID, ASN1_OBJECT * oid, unsigned char * data, int data_length)

Set S/MIME Capability for a given certificate

Parameters

• st Pointer to storage structure
• certID the certificate ID inside the storage
• oid Capability OID
• data Capability binary data buffer
• data_length Length of data buffer

Returns

• Error code.

Errors

• CST_ERROR_PARAM_INCORRECT (if storage is NULL)
• CST_ERROR_CERT_NOTFOUND
• CST_ERROR_DBSTRUCTURE_CORRUPT
• CST_ERROR_IO
• CST_ERROR_UNDEF_FILE_ERROR

CST_get_capability_data

unsigned char* CST_get_capability_data (CST * st, const cst_t_seqnum certID, ASN1_OBJECT * oid, int * data_length)

Get S/MIME Capability for given cert

Parameters

• st Pointer to storage structure
• certID the certificate ID inside the storage
• oid Capability OID
• data_length Pointer to integer that will receive the length of returned buffer.

Returns

• Binary string buffer. User is responsible to free this object using g_free().

Errors

• CST_ERROR_PARAM_INCORRECT (if storage is NULL)
• CST_ERROR_CERT_NOTFOUND
• CST_ERROR_DBSTRUCTURE_CORRUPT
• CST_ERROR_IO
• CST_ERROR_UNDEF_FILE_ERROR
• CST_ERROR_CAPABILITY_NOTFOUND

CST_get_capabilities

CST_STACK_OF_ASN1_OBJECT* CST_get_capabilities (CST * st, const cst_t_seqnum certID)

Get S/MIME Capabilities list for given cert

Parameters

• st Pointer to storage structure
• certID the certificate ID inside the storage

Returns

• Stack of ASN.1 objects with capability tuples. User is responsible to free this object. Do this by freeing each element in the list with ASN1_OBJECT_free() and then freeing the stack with sk_ASN1_OBJECT_free().

Errors

• CST_ERROR_PARAM_INCORRECT (if storage is NULL)
• CST_ERROR_CERT_NOTFOUND
• CST_ERROR_DBSTRUCTURE_CORRUPT
• CST_ERROR_IO
• CST_ERROR_UNDEF_FILE_ERROR

CST_is_capability

int CST_is_capability (CST * st, const cst_t_seqnum certID, ASN1_OBJECT * oid)

Returns TRUE if capability exists

Parameters

• st Pointer to storage structure
• certID the certificate ID inside the storage
• oid Capability OID

Returns

• TRUE if capability exists
• FALSE if it does not exist, of if some error ocurred. You need to test CST_last_error() to tell apart.

Errors

• CST_ERROR_PARAM_INCORRECT (if storage is NULL)
• CST_ERROR_CERT_NOTFOUND
• CST_ERROR_DBSTRUCTURE_CORRUPT
• CST_ERROR_IO
• CST_ERROR_UNDEF_FILE_ERROR

CST_delete_capability

int CST_delete_capability (CST * st, const cst_t_seqnum certID, ASN1_OBJECT * oid)

Delete capabilities

Parameters

• st Pointer to storage structure
• certID the certificate ID inside the storage
• oid Capability OID

Returns

• Error code.

Errors

• CST_ERROR_PARAM_INCORRECT (if storage is NULL)
• CST_ERROR_CERT_NOTFOUND
• CST_ERROR_DBSTRUCTURE_CORRUPT
• CST_ERROR_IO
• CST_ERROR_UNDEF_FILE_ERROR
• CST_ERROR_CAPABILITY_NOTFOUND