Loading doc/crypto/CMS_sign_add1_signer.pod +11 −9 Original line number Diff line number Diff line Loading @@ -8,7 +8,7 @@ CMS_sign_add_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo sig #include <openssl/cms.h> CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags); CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags); int CMS_SignerInfo_sign(CMS_SignerInfo *si); Loading Loading @@ -36,9 +36,9 @@ are both set. =head1 NOTES The main purpose of this function is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest The main purpose of this CMS_sign_add1_signer() is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed. New attributes can also be added using the returned CMS_SignerInfo struture and the CMS attribute utility functions. Loading @@ -52,8 +52,8 @@ The returned CMS_ContentInfo structure will be valid and finalized when this flag is set. If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the B<CMS_SIGNER_INO> structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_Sign() is CMS_SignerInfo structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_sign() is needed to finalize it. If B<CMS_NOCERTS> is set the signer's certificate will not be included in the Loading @@ -74,10 +74,12 @@ identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension. If present the SMIMECapabilities attribute indicates support for the following algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is disabled then it will not be included. algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded. CMS_sign_add_signers() returns an internal pointer to the CMS_SIGNER_INFO CMS_sign_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added, this can be used to set additional attributes before it is finalized. Loading Loading
doc/crypto/CMS_sign_add1_signer.pod +11 −9 Original line number Diff line number Diff line Loading @@ -8,7 +8,7 @@ CMS_sign_add_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo sig #include <openssl/cms.h> CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags); CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags); int CMS_SignerInfo_sign(CMS_SignerInfo *si); Loading Loading @@ -36,9 +36,9 @@ are both set. =head1 NOTES The main purpose of this function is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest The main purpose of this CMS_sign_add1_signer() is to provide finer control over a CMS signed data structure where the simpler CMS_sign() function defaults are not appropriate. For example if multiple signers or non default digest algorithms are needed. New attributes can also be added using the returned CMS_SignerInfo struture and the CMS attribute utility functions. Loading @@ -52,8 +52,8 @@ The returned CMS_ContentInfo structure will be valid and finalized when this flag is set. If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the B<CMS_SIGNER_INO> structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_Sign() is CMS_SignerInfo structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_sign() is needed to finalize it. If B<CMS_NOCERTS> is set the signer's certificate will not be included in the Loading @@ -74,10 +74,12 @@ identifier value instead. An error occurs if the signing certificate does not have a subject key identifier extension. If present the SMIMECapabilities attribute indicates support for the following algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is disabled then it will not be included. algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is not loaded. CMS_sign_add_signers() returns an internal pointer to the CMS_SIGNER_INFO CMS_sign_add1_signer() returns an internal pointer to the CMS_SignerInfo structure just added, this can be used to set additional attributes before it is finalized. Loading
