Dr. Stephen Henson wrote:
On Wed, Apr 08, 2009, Gary Kennedy wrote:
Specifically, I'm after the version & digestAlgorithms fields of the
signed-data CMS structure, (read-only at this stage).
How may I go about accessing these fields without 'illegally' including the
cms_lcl.h header?
You can't at present as there isn't a function to access them.
Why do you need to access those btw?
To perform strict validation of a CMS message before it goes further
into the application. Specifically the ROA/BOA/AAO/etc products of
resource certification.
It's not set in stone at the moment though, so we'll see what happens :)
On a more general basis, why are these structures obscured? (Apart from the
'prevent-shooting-in-foot' reason - which I've already done with all the
other structures, like X509)
The main reason is to stop applications manually accessing the structure
fields. If the structure needs to be updated in future for newer versions of
CMS we can freely change the structure size and add, delete or modify fields
without breaking applications or introducing binary compatibility issues.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
Gary Kennedy email: g...@apnic.net
Software Engineer, APNIC
http://www.apnic.net phone: +61 7 3858 3100
________________________________________________________________________
* Sent by email to save paper. Print only if necessary.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
