Summary: Isode provides a number of APIs which allow integrators and product developers to build components that access the Isode Messaging server products or other products supporting the same protocols.
Message Security Attributes

Macros

#define X400_S_SEC_IDENTITY   180
 
#define X400_B_SEC_GEN_MOAC   181
 
#define X400_S_SEC_IDENTITY_PASSPHRASE   182
 
#define X400_S_SEC_IDENTITY_DN   183
 
#define X400_S_SEC_ENV   186
 
#define X400_S_MOAC   187
 
#define X400_N_MOAC_STATUS   188
 
#define X400_S_CERT_INFO   189
 
#define X400_S_SEC_IDENTITY_FILE   190
 
#define X400_S_SEC_TRUSTED_CERTS_DIR   191
 
#define X400_S_SEC_SECURITY_DB   192
 
#define X400_S_SEC_SECURITY_PASSPHRASE   193
 
#define X400_S_SEC_SIGNING_URI   194
 
#define X400_S_SECURITY_ENV   195
 
#define X400_N_S4406   440600
 
#define X400_N_S4406_STATUS   440601
 
#define X400_S_S4406_STATUS_DETAIL   440602
 
#define X400_S_S4406_SECURITY_LABEL   440603
 
#define X400_N_S4406_CERTIFICATE   440604
 
#define X400_S_S4406_SIGNING_TIME   440605
 
#define X400_B_SEC_GEN_MESSAGE_TOKEN   1700
 
#define X400_B_SEC_ADD_CERT_PATH   1701
 
#define X400_B_SEC_CONTENT_INTEGRITY_CHECK   1702
 
#define X400_N_MSGTOK_STATUS   1710
 
#define X400_S_MSGTOK_DER   1716
 
#define X400_N_MSGTOK_SEQ_NUM   1717
 
#define X400_S_MSGTOK_RECIP   1718
 
#define X400_S_MSGTOK_SEC_LAB   1719
 
#define X400_N_MSGTOK_PODR_STATUS   1721
 
#define X400_N_MSGTOK_SEC_LAB_STATUS   1722
 
#define X400_N_MSGTOK_RECIP_STATUS   1723
 
#define X400_N_MSGTOK_CIC_STATUS   1724
 
#define X400_S_MSGTOK_CIC   1726
 

Detailed Description

These #defines are used to provide the security environment used to sign messages and verify signatures. (NB: Message Tokens, used to provide signatures on a per recipient basis, are in a different section.) All these attributes apart from X400_B_SEC_GEN_MOAC can be specified in the Message object using X400msMsgAddStrParam() or X400msMsgAddIntParam(). They can also be specified in the default object using X400SetStrDefault() or X400SetIntDefault(). X400_B_SEC_GEN_MOAC can only be set using X400msMsgAddIntParam().

Values in the Message object override those set in the Default object.

The values are all ignored when the message is constructed unless X400_B_SEC_GEN_MOAC is set in the Message object.

If X400_B_SEC_GEN_MOAC is set in the Message object, then a valid security environment must have been set up (see the X.509 Setup Guide). The other attributes must be passed in to point to this security environment.

Previously only Digital Identities in a directory called "x509" could be used. The parent directory is passed into X400_S_SEC_IDENTITY.

The preferred way to get the security environment is to use the X400_S_SEC_IDENTITY_FILE attribute which specifies a specific PKCS12 file.

These #defines are used to provide the security environment used to sign messages and verify signatures using Message Tokens to provide signatures on a per recipient basis. All these attributes apart from X400_B_SEC_GEN_MESSAGE_TOKEN can be specified

  • in the Message object using X400msMsgAddStrParam() or X400msMsgAddIntParam().
  • in the Recipient object using X400msRecipAddStrParam() or X400msRecipAddIntParam().

They can also be specified in the default object using X400SetStrDefault() or X400SetIntDefault(). X400_B_SEC_GEN_MESSAGE_TOKEN can only be set by X400msRecipAddIntParam().

Values in the Message object override those set in the Default object. Values in the Recipient object override those set in the Message object.

The values are all ignored when the message is constructed unless the X400_B_SEC_GEN_MESSAGE_TOKEN is set in the Recipient object.

If X400_B_SEC_GEN_MESSAGE_TOKEN is set in the Recipient object, then a valid security environment must have been set up (see the X.509 Setup Guide). The other attributes must be passed in to point to this security environment.

Currently only Digital Identities in a directory called "x509" can be used. This parent directory is passed in X400_S_SEC_IDENTITY.
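
The override and gating rules described above for both the MOAC and the Message Token attributes, as an added stand-alone model (not Isode code, and not a call into the X.400 API): the `attr`/`layer` types and the `effective()` and `check_signing()` functions are hypothetical, and only the attribute numbers come from this page. It is written as a pre-send configuration check that reports when signing is requested with no identity configured, or when the configuration still relies on the deprecated X400_S_SEC_IDENTITY directory.

```c
#include <stddef.h>

/* Attribute numbers as listed on this page (x400_att.h). */
#define X400_S_SEC_IDENTITY          180
#define X400_B_SEC_GEN_MOAC          181
#define X400_S_SEC_IDENTITY_FILE     190
#define X400_B_SEC_GEN_MESSAGE_TOKEN 1700

/* Hypothetical model types (assumption), not Isode structures. */
struct attr  { int id; const char *str; int num; };
struct layer { const struct attr *attrs; size_t n; };

/* Find an attribute in one object; NULL if that object does not set it. */
static const struct attr *layer_get(const struct layer *l, int id) {
    for (size_t i = 0; l && i < l->n; i++)
        if (l->attrs[i].id == id) return &l->attrs[i];
    return NULL;
}

/* Recipient overrides Message, Message overrides Default. */
const struct attr *effective(const struct layer *def, const struct layer *msg,
                             const struct layer *rcp, int id) {
    const struct attr *a = layer_get(rcp, id);
    if (!a) a = layer_get(msg, id);
    if (!a) a = layer_get(def, id);
    return a;
}

enum sec_check { SEC_OFF, SEC_OK, SEC_DEPRECATED_ID, SEC_NO_IDENTITY };
/* gate: X400_B_SEC_GEN_MOAC (Message only) or X400_B_SEC_GEN_MESSAGE_TOKEN (Recipient only). */
enum sec_check check_signing(const struct layer *def, const struct layer *msg,
                             const struct layer *rcp, int gate) {
    int moac = (gate == X400_B_SEC_GEN_MOAC);
    const struct attr *g = layer_get(moac ? msg : rcp, gate);
    if (!g || g->num != 1) return SEC_OFF; /* other attributes are ignored */
    if (moac) rcp = NULL;                  /* MOAC: Message and Default only */
    if (effective(def, msg, rcp, X400_S_SEC_IDENTITY_FILE))
        return SEC_OK;                     /* preferred: a specific PKCS12 file */
    if (effective(def, msg, rcp, X400_S_SEC_IDENTITY))
        return SEC_DEPRECATED_ID;          /* obsolescent "x509" directory */
    return SEC_NO_IDENTITY;                /* signing requested, no identity */
}

int main(void) { /* constructed sample: flag in Message, PKCS12 file in Default */
    struct attr d[] = {{X400_S_SEC_IDENTITY_FILE, "/constructed/id.p12", 0}};
    struct attr m[] = {{X400_B_SEC_GEN_MOAC, NULL, 1}};
    struct layer def = {d, 1}, msg = {m, 1};
    return check_signing(&def, &msg, NULL, X400_B_SEC_GEN_MOAC) == SEC_OK ? 0 : 1;
}
```

A generate flag placed only in the Default object yields `SEC_OFF` in this model, matching the rule that the flag is honoured only in the Message object (MOAC) or the Recipient object (Message Token).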

Macro Definition Documentation

#define X400_S_SEC_IDENTITY   180
Deprecated:
Directory in which to search for Identities (looks in the "x509" subdirectory). Obsolescent: use X400_S_SEC_IDENTITY_FILE

Definition at line 551 of file x400_att.h.

#define X400_B_SEC_GEN_MOAC   181

Generate MOAC 0: no (default), 1: yes

Definition at line 554 of file x400_att.h.

#define X400_S_SEC_IDENTITY_PASSPHRASE   182

Passphrase to open Identity

Definition at line 557 of file x400_att.h.

#define X400_S_SEC_IDENTITY_DN   183
Deprecated:
DN in Certificate - obsolescent: use X400_S_SEC_IDENTITY_FILE

Definition at line 560 of file x400_att.h.

#define X400_S_SEC_ENV   186

For internal use only

Definition at line 563 of file x400_att.h.

#define X400_S_MOAC   187

X.400 Message Origin Authentication Check

Examples:
examples/x400_mtrcv.c, and examples/x400_mtsend.c.

Definition at line 566 of file x400_att.h.

#define X400_N_MOAC_STATUS   188

Status of MOAC in message

Definition at line 569 of file x400_att.h.

#define X400_S_CERT_INFO   189

For internal use only

Definition at line 572 of file x400_att.h.

#define X400_S_SEC_IDENTITY_FILE   190

Names the PKCS12 files - preferred to obsolescent X400_S_SEC_IDENTITY_DN and X400_S_SEC_IDENTITY

Definition at line 575 of file x400_att.h.

#define X400_S_SEC_TRUSTED_CERTS_DIR   191

Directory containing trusted Certificates. Needed when verifying signatures using Certificates issued by CAs other than the verifier

Definition at line 578 of file x400_att.h.

#define X400_S_SEC_SECURITY_DB   192

Name of security DB file to provide the security environment

Definition at line 581 of file x400_att.h.

#define X400_S_SEC_SECURITY_PASSPHRASE   193

Passphrase to access security DB file

Definition at line 584 of file x400_att.h.

#define X400_S_SEC_SIGNING_URI   194

URI for the signing certificate/key to be used for signing. The value should correspond to the name of an entity in the security DB

Definition at line 587 of file x400_att.h.

#define X400_S_SECURITY_ENV   195

For internal use only

Definition at line 592 of file x400_att.h.

#define X400_N_S4406   440600

STANAG 4406 security control. For message creation the attribute controls what elements are used. For a received message, it reports the security elements in the message. Currently supported values are:

  • 0 - no security elements
  • X400_N_S4406_SINGLE_WRAP - Single wrap signing, compatible with PCT.

Definition at line 595 of file x400_att.h.

#define X400_N_S4406_STATUS   440601

Status of security for S4406 signed message. For an S4406 message this gives the status for the verification of the signing. Not present in a non-S4406 secured message.

Definition at line 604 of file x400_att.h.

#define X400_S_S4406_STATUS_DETAIL   440602

Detail for status of S4406 signed message. This is a message string giving more detail about a verification failure.

Definition at line 610 of file x400_att.h.

#define X400_S_S4406_SECURITY_LABEL   440603

Label for S4406 signed message. The value should be the binary encoding of an ESS Label

Definition at line 615 of file x400_att.h.

#define X400_N_S4406_CERTIFICATE   440604

Certificate from S4406 signed message. Used with X400MsgGetCert()

Definition at line 620 of file x400_att.h.

#define X400_S_S4406_SIGNING_TIME   440605

Signing time from S4406 signed message. In UTCTime format.

Definition at line 625 of file x400_att.h.

#define X400_B_SEC_GEN_MESSAGE_TOKEN   1700

Generate Message Token 0: no (default), 1: yes

Definition at line 1388 of file x400_att.h.

#define X400_B_SEC_ADD_CERT_PATH   1701

Include Certificate Path when generating Message Token 0: no (default), 1: yes

Definition at line 1391 of file x400_att.h.

#define X400_B_SEC_CONTENT_INTEGRITY_CHECK   1702

Add Content Integrity Extension and use in Message Token 0: no (default), 1: yes

Definition at line 1394 of file x400_att.h.

#define X400_N_MSGTOK_STATUS   1710

Status of recipient Message Token - See below for possible values

Examples:
examples/x400_mtrcv.c.

Definition at line 1399 of file x400_att.h.

#define X400_S_MSGTOK_DER   1716

Token in recipient when verifying a Message Token signature

Examples:
examples/x400_mtrcv.c.

Definition at line 1402 of file x400_att.h.

#define X400_N_MSGTOK_SEQ_NUM   1717

Sequence number in Message Token

Examples:
examples/x400_mtrcv.c.

Definition at line 1405 of file x400_att.h.

#define X400_S_MSGTOK_RECIP   1718

Recipient in Message Token

Examples:
examples/x400_mtrcv.c.

Definition at line 1408 of file x400_att.h.

#define X400_S_MSGTOK_SEC_LAB   1719

Security Label in Message Token

Examples:
examples/x400_mtrcv.c.

Definition at line 1411 of file x400_att.h.

#define X400_N_MSGTOK_PODR_STATUS   1721

Information about PODR in Token and Envelope

Definition at line 1414 of file x400_att.h.

#define X400_N_MSGTOK_SEC_LAB_STATUS   1722

Information about Security Label in Token and Envelope

Definition at line 1417 of file x400_att.h.

#define X400_N_MSGTOK_RECIP_STATUS   1723

Information about Recipient in Token and Envelope

Definition at line 1420 of file x400_att.h.

#define X400_N_MSGTOK_CIC_STATUS   1724

Status of CIC in Message Token

Definition at line 1423 of file x400_att.h.

#define X400_S_MSGTOK_CIC   1726

Content Integrity Check DER from Message Token

Examples:
examples/x400_mtrcv.c.

Definition at line 1426 of file x400_att.h.