Spellcheck CMS docs.
This commit is contained in:
parent
6469a1fda3
commit
c420fab52b
@ -20,7 +20,7 @@ structure.
|
|||||||
|
|
||||||
CMS_add0_recipient_key() adds symmetric key B<key> of length B<keylen> using
|
CMS_add0_recipient_key() adds symmetric key B<key> of length B<keylen> using
|
||||||
wrapping algorithm B<nid>, identifier B<id> or length B<idlen> and optional
|
wrapping algorithm B<nid>, identifier B<id> or length B<idlen> and optional
|
||||||
values B<date>, B<otherTypeId> abd B<otherType> to CMS_ContentInfo enveloped
|
values B<date>, B<otherTypeId> and B<otherType> to CMS_ContentInfo enveloped
|
||||||
data structure B<cms> as a KEKRecipientInfo structure.
|
data structure B<cms> as a KEKRecipientInfo structure.
|
||||||
|
|
||||||
The CMS_ContentInfo structure should be obtained from an initial call to
|
The CMS_ContentInfo structure should be obtained from an initial call to
|
||||||
|
@ -30,7 +30,7 @@ needed to locate the appropriate (of possible several) recipients in the CMS
|
|||||||
structure. If B<cert> is set to NULL all possible recipients are tried.
|
structure. If B<cert> is set to NULL all possible recipients are tried.
|
||||||
|
|
||||||
It is possible to determine the correct recipient key by other means (for
|
It is possible to determine the correct recipient key by other means (for
|
||||||
example looking them up in a database) and settin them in the CMS strutucre
|
example looking them up in a database) and setting them in the CMS structure
|
||||||
in advance using the CMS utility functions such as CMS_set1_pkey(). In this
|
in advance using the CMS utility functions such as CMS_set1_pkey(). In this
|
||||||
case both B<cert> and B<pkey> should be set to NULL.
|
case both B<cert> and B<pkey> should be set to NULL.
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@ PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
|
|||||||
can be performed by obtaining the streaming ASN1 B<BIO> directly using
|
can be performed by obtaining the streaming ASN1 B<BIO> directly using
|
||||||
BIO_new_CMS().
|
BIO_new_CMS().
|
||||||
|
|
||||||
The receipients specified in B<certs> use a CMS KeyTransRecipientInfo info
|
The recipients specified in B<certs> use a CMS KeyTransRecipientInfo info
|
||||||
structure. KEKRecipientInfo is also supported using the flag B<CMS_PARTIAL>
|
structure. KEKRecipientInfo is also supported using the flag B<CMS_PARTIAL>
|
||||||
and CMS_add0_recipient_key().
|
and CMS_add0_recipient_key().
|
||||||
|
|
||||||
|
@ -35,7 +35,7 @@ identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
|
|||||||
must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
|
must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
|
||||||
B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
|
B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>.
|
||||||
|
|
||||||
CMS_RecipientInfo_ktri_cert_cmp() compares the cerificate B<cert> against the
|
CMS_RecipientInfo_ktri_cert_cmp() compares the certificate B<cert> against the
|
||||||
CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
|
CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
|
||||||
It returns zero if the comparison is successful and non zero if not.
|
It returns zero if the comparison is successful and non zero if not.
|
||||||
|
|
||||||
@ -91,7 +91,7 @@ CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and
|
|||||||
CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs.
|
CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs.
|
||||||
|
|
||||||
CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0
|
CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0
|
||||||
for a successul comparison and non zero otherwise.
|
for a successful comparison and non zero otherwise.
|
||||||
|
|
||||||
Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
|
Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ associated with a specific CMS_SignerInfo structure B<si>. Either the
|
|||||||
keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
|
keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
|
||||||
in B<issuer> and B<sno>.
|
in B<issuer> and B<sno>.
|
||||||
|
|
||||||
CMS_SignerInfo_cert_cmp() compares the cerificate B<cert> against the signer
|
CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
|
||||||
identifier B<si>. It returns zero if the comparison is successful and non zero
|
identifier B<si>. It returns zero if the comparison is successful and non zero
|
||||||
if not.
|
if not.
|
||||||
|
|
||||||
|
@ -16,11 +16,11 @@
|
|||||||
|
|
||||||
CMS_get0_type() returns the content type of a CMS_ContentInfo structure as
|
CMS_get0_type() returns the content type of a CMS_ContentInfo structure as
|
||||||
and ASN1_OBJECT pointer. An application can then decide how to process the
|
and ASN1_OBJECT pointer. An application can then decide how to process the
|
||||||
CMS_ContentInfo strutucture based on this value.
|
CMS_ContentInfo structure based on this value.
|
||||||
|
|
||||||
CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo
|
CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo
|
||||||
structure. It should be called with CMS functions with the B<CMS_PARTIAL>
|
structure. It should be called with CMS functions with the B<CMS_PARTIAL>
|
||||||
flag and B<before> the strutucre is finalised, otherwise the results are
|
flag and B<before> the structure is finalised, otherwise the results are
|
||||||
undefined.
|
undefined.
|
||||||
|
|
||||||
ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded
|
ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded
|
||||||
|
@ -24,7 +24,7 @@ option in B<receiptsFrom> is used. The B<receiptsTo> parameter specifies the
|
|||||||
B<receiptsTo> field value.
|
B<receiptsTo> field value.
|
||||||
|
|
||||||
The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
|
The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
|
||||||
to SignerInfo strutucre B<si>.
|
to SignerInfo structure B<si>.
|
||||||
|
|
||||||
int CMS_get1_ReceiptRequest() looks for a signed receipt request in B<si>, if
|
int CMS_get1_ReceiptRequest() looks for a signed receipt request in B<si>, if
|
||||||
any is found it is decoded and written to B<prr>.
|
any is found it is decoded and written to B<prr>.
|
||||||
|
@ -13,7 +13,7 @@ CMS_sign - create a CMS SignedData structure
|
|||||||
=head1 DESCRIPTION
|
=head1 DESCRIPTION
|
||||||
|
|
||||||
CMS_sign() creates and returns a CMS SignedData structure. B<signcert> is
|
CMS_sign() creates and returns a CMS SignedData structure. B<signcert> is
|
||||||
the certificate to sign with, B<pkey> is the corresponsding private key.
|
the certificate to sign with, B<pkey> is the corresponding private key.
|
||||||
B<certs> is an optional additional set of certificates to include in the CMS
|
B<certs> is an optional additional set of certificates to include in the CMS
|
||||||
structure (for example any intermediate CAs in the chain). Any or all of
|
structure (for example any intermediate CAs in the chain). Any or all of
|
||||||
these parameters can be B<NULL>, see B<NOTES> below.
|
these parameters can be B<NULL>, see B<NOTES> below.
|
||||||
@ -114,6 +114,6 @@ L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
|
|||||||
CMS_sign() was added to OpenSSL 0.9.8
|
CMS_sign() was added to OpenSSL 0.9.8
|
||||||
|
|
||||||
The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
|
The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
|
||||||
it is supportd for embedded data in OpenSSL 0.9.9 and later.
|
it is supported for embedded data in OpenSSL 0.9.9 and later.
|
||||||
|
|
||||||
=cut
|
=cut
|
||||||
|
@ -40,14 +40,14 @@ The main purpose of this CMS_sign_add1_signer() is to provide finer control
|
|||||||
over a CMS signed data structure where the simpler CMS_sign() function defaults
|
over a CMS signed data structure where the simpler CMS_sign() function defaults
|
||||||
are not appropriate. For example if multiple signers or non default digest
|
are not appropriate. For example if multiple signers or non default digest
|
||||||
algorithms are needed. New attributes can also be added using the returned
|
algorithms are needed. New attributes can also be added using the returned
|
||||||
CMS_SignerInfo struture and the CMS attribute utility functions or the
|
CMS_SignerInfo structure and the CMS attribute utility functions or the
|
||||||
CMS signed receipt request functions.
|
CMS signed receipt request functions.
|
||||||
|
|
||||||
Any of the following flags (ored together) can be passed in the B<flags>
|
Any of the following flags (ored together) can be passed in the B<flags>
|
||||||
parameter.
|
parameter.
|
||||||
|
|
||||||
If B<CMS_REUSE_DIGEST> is set then an attempt is made to copy the content
|
If B<CMS_REUSE_DIGEST> is set then an attempt is made to copy the content
|
||||||
digest value from the CMS_ContentInfo struture: to add a signer to an existing
|
digest value from the CMS_ContentInfo structure: to add a signer to an existing
|
||||||
structure. An error occurs if a matching digest value cannot be found to copy.
|
structure. An error occurs if a matching digest value cannot be found to copy.
|
||||||
The returned CMS_ContentInfo structure will be valid and finalized when this
|
The returned CMS_ContentInfo structure will be valid and finalized when this
|
||||||
flag is set.
|
flag is set.
|
||||||
|
@ -16,7 +16,7 @@ CMS_verify - verify a CMS SignedData structure
|
|||||||
|
|
||||||
CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
|
CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
|
||||||
structure to verify. B<certs> is a set of certificates in which to search for
|
structure to verify. B<certs> is a set of certificates in which to search for
|
||||||
the signer's certificate. B<store> is a trusted certficate store (used for
|
the signer's certificate. B<store> is a trusted certificate store (used for
|
||||||
chain verification). B<indata> is the signed data if the content is not
|
chain verification). B<indata> is the signed data if the content is not
|
||||||
present in B<cms> (that is it is detached). The content is written to B<out>
|
present in B<cms> (that is it is detached). The content is written to B<out>
|
||||||
if it is not NULL.
|
if it is not NULL.
|
||||||
@ -25,7 +25,7 @@ B<flags> is an optional set of flags, which can be used to modify the verify
|
|||||||
operation.
|
operation.
|
||||||
|
|
||||||
CMS_get0_signers() retrieves the signer's certificate(s) from B<cms>, it must
|
CMS_get0_signers() retrieves the signer's certificate(s) from B<cms>, it must
|
||||||
be called after a succeful CMS_verify() operation.
|
be called after a successful CMS_verify() operation.
|
||||||
|
|
||||||
=head1 VERIFY PROCESS
|
=head1 VERIFY PROCESS
|
||||||
|
|
||||||
@ -101,7 +101,7 @@ timestamp).
|
|||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
CMS_verify() returns 1 for a successful verification and zero if an error
|
CMS_verify() returns 1 for a successful verification and zero if an error
|
||||||
occured.
|
occurred.
|
||||||
|
|
||||||
CMS_get0_signers() returns all signers or B<NULL> if an error occurred.
|
CMS_get0_signers() returns all signers or B<NULL> if an error occurred.
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ the data must be read twice: once to compute the signature in CMS_sign()
|
|||||||
and once to output the S/MIME message.
|
and once to output the S/MIME message.
|
||||||
|
|
||||||
If streaming is performed the content is output in BER format using indefinite
|
If streaming is performed the content is output in BER format using indefinite
|
||||||
length constructuted encoding except in the case of signed data with detached
|
length constructed encoding except in the case of signed data with detached
|
||||||
content where the content is absent and DER format is used.
|
content where the content is absent and DER format is used.
|
||||||
|
|
||||||
=head1 BUGS
|
=head1 BUGS
|
||||||
|
Loading…
Reference in New Issue
Block a user