=head1 NAME
-CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls
+CMS_add0_cert, CMS_add1_cert, CMS_get1_certs,
+CMS_add0_crl, CMS_add1_crl, CMS_get1_crls
- CMS certificate and CRL utility functions
=head1 SYNOPSIS
=head1 DESCRIPTION
-CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
-must be of type signed data or enveloped data.
+CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms>.
+I<cms> must be of type signed data or (authenticated) enveloped data.
+For signed data, such a certificate can be used to fill in the signer
+certificate and may also be helpful for chain building in certificate validation.
-CMS_get1_certs() returns all certificates in B<cms>.
+CMS_get1_certs() returns all certificates in I<cms>.
-CMS_add0_crl() and CMS_add1_crl() add CRL B<crl> to B<cms>. CMS_get1_crls()
-returns any CRLs in B<cms>.
+CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>.
+I<cms> must be of type signed data or (authenticated) enveloped data.
+For signed data, such a CRL may be used in certificate validation.
+
+CMS_get1_crls() returns all CRLs in I<cms>.
=head1 NOTES
-The CMS_ContentInfo structure B<cms> must be of type signed data or enveloped
-data or an error will be returned.
+The CMS_ContentInfo structure I<cms> must be of type signed data or enveloped
+data or authenticated enveloped data or an error will be returned.
-For signed data certificates and CRLs are added to the B<certificates> and
-B<crls> fields of SignedData structure. For enveloped data they are added to
-B<OriginatorInfo>.
+For signed data, certificates and CRLs are added to the I<certificates> and
+I<crls> fields of SignedData structure.
+For enveloped data they are added to B<OriginatorInfo>.
-As the B<0> implies CMS_add0_cert() adds B<cert> internally to B<cms> and it
-must not be freed up after the call as opposed to CMS_add1_cert() where B<cert>
+As the 0 implies, CMS_add0_cert() adds I<cert> internally to I<cms> and it
+must not be freed up after the call as opposed to CMS_add1_cert() where I<cert>
must be freed up.
The same certificate or CRL must not be added to the same cms structure more
CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
or NULL if there are none or an error occurs. The only error which will occur
-in practice is if the B<cms> type is invalid.
+in practice is if the I<cms> type is invalid.
=head1 SEE ALSO