Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CMS_ADD1_RECIPIENT_CERT(3)	    OpenSSL	    CMS_ADD1_RECIPIENT_CERT(3)

NAME
       CMS_add1_recipient_cert,	CMS_add0_recipient_key - add recipients	to a
       CMS enveloped data structure

SYNOPSIS
	#include <openssl/cms.h>

	CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
						   X509	*recip,	unsigned int flags);

	CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms,	int nid,
						  unsigned char	*key, size_t keylen,
						  unsigned char	*id, size_t idlen,
						  ASN1_GENERALIZEDTIME *date,
						  ASN1_OBJECT *otherTypeId,
						  ASN1_TYPE *otherType);

DESCRIPTION
       CMS_add1_recipient_cert() adds recipient	recip to CMS_ContentInfo
       enveloped data structure	cms as a KeyTransRecipientInfo structure.

       CMS_add0_recipient_key()	adds symmetric key key of length keylen	using
       wrapping	algorithm nid, identifier id of	length idlen and optional
       values date, otherTypeId	and otherType to CMS_ContentInfo enveloped
       data structure cms as a KEKRecipientInfo	structure.

       The CMS_ContentInfo structure should be obtained	from an	initial	call
       to CMS_encrypt()	with the flag CMS_PARTIAL set.

NOTES
       The main	purpose	of this	function is to provide finer control over a
       CMS enveloped data structure where the simpler CMS_encrypt() function
       defaults	are not	appropriate. For example if one	or more
       KEKRecipientInfo	structures need	to be added. New attributes can	also
       be added	using the returned CMS_RecipientInfo structure and the CMS
       attribute utility functions.

       OpenSSL will by default identify	recipient certificates using issuer
       name and	serial number. If CMS_USE_KEYID	is set it will use the subject
       key identifier value instead. An	error occurs if	all recipient
       certificates do not have	a subject key identifier extension.

       Currently only AES based	key wrapping algorithms	are supported for nid,
       specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and
       NID_id_aes256_wrap.  If nid is set to NID_undef then an AES wrap
       algorithm will be used consistent with keylen.

RETURN VALUES
       CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an
       internal	pointer	to the CMS_RecipientInfo structure just	added or NULL
       if an error occurs.

SEE ALSO
       ERR_get_error(3), CMS_decrypt(3), CMS_final(3),

COPYRIGHT
       Copyright 2008-2016 The OpenSSL Project Authors.	All Rights Reserved.

       Licensed	under the OpenSSL license (the "License").  You	may not	use
       this file except	in compliance with the License.	 You can obtain	a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

1.1.1k				  2021-03-25	    CMS_ADD1_RECIPIENT_CERT(3)

NAME | SYNOPSIS | DESCRIPTION | NOTES | RETURN VALUES | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=CMS_add1_recipient_cert&sektion=3&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help