mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-27 02:43:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix various typos, update SMIMECapabilities description.

Browse Source
This commit is contained in:
Dr. Stephen Henson 2008-04-08 22:44:56 +00:00
parent 9034c56c6c
commit 86173db853
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
doc/crypto/CMS_sign_add1_signer.pod
View File

@ -8,7 +8,7 @@ CMS_sign_add_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo sig
#include <openssl/cms.h>
CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
@ -36,9 +36,9 @@ are both set.
=head1 NOTES
The main purpose of this function is to provide finer control over a CMS
signed data structure where the simpler CMS_sign() function defaults are
not appropriate. For example if multiple signers or non default digest
The main purpose of this CMS_sign_add1_signer() is to provide finer control
over a CMS signed data structure where the simpler CMS_sign() function defaults
are not appropriate. For example if multiple signers or non default digest
algorithms are needed. New attributes can also be added using the returned
CMS_SignerInfo struture and the CMS attribute utility functions.
@ -52,8 +52,8 @@ The returned CMS_ContentInfo structure will be valid and finalized when this
flag is set.
If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
B<CMS_SIGNER_INO> structure will not be finalized so additional attributes
can be added. In this case an explicit call to CMS_SignerInfo_Sign() is
CMS_SignerInfo structure will not be finalized so additional attributes
can be added. In this case an explicit call to CMS_SignerInfo_sign() is
needed to finalize it.
If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
@ -74,10 +74,12 @@ identifier value instead. An error occurs if the signing certificate does not
have a subject key identifier extension.
If present the SMIMECapabilities attribute indicates support for the following
algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
these algorithms is disabled then it will not be included.
algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
not loaded.
CMS_sign_add_signers() returns an internal pointer to the CMS_SIGNER_INFO
CMS_sign_add1_signer() returns an internal pointer to the CMS_SignerInfo
structure just added, this can be used to set additional attributes
before it is finalized.