projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
9034c56
)
Fix various typos, update SMIMECapabilities description.
author
Dr. Stephen Henson
<steve@openssl.org>
Tue, 8 Apr 2008 22:44:56 +0000
(22:44 +0000)
committer
Dr. Stephen Henson
<steve@openssl.org>
Tue, 8 Apr 2008 22:44:56 +0000
(22:44 +0000)
doc/crypto/CMS_sign_add1_signer.pod
patch
|
blob
|
history
diff --git
a/doc/crypto/CMS_sign_add1_signer.pod
b/doc/crypto/CMS_sign_add1_signer.pod
index 6513885f8fb05e0992b1704796da040bce9748ba..ee2f93a8aed8915542fbea40fa6b951a8a7c80f2 100644
(file)
--- a/
doc/crypto/CMS_sign_add1_signer.pod
+++ b/
doc/crypto/CMS_sign_add1_signer.pod
@@
-8,7
+8,7
@@
CMS_sign_add_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo sig
#include <openssl/cms.h>
#include <openssl/cms.h>
- CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
+ CMS_SignerInfo *CMS_sign_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
unsigned
int flags);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
@@
-36,9
+36,9
@@
are both set.
=head1 NOTES
=head1 NOTES
-The main purpose of this
function is to provide finer control over a CMS
-signed data structure where the simpler CMS_sign() function defaults are
-not appropriate. For example if multiple signers or non default digest
+The main purpose of this
CMS_sign_add1_signer() is to provide finer control
+over a CMS signed data structure where the simpler CMS_sign() function defaults
+
are
not appropriate. For example if multiple signers or non default digest
algorithms are needed. New attributes can also be added using the returned
CMS_SignerInfo struture and the CMS attribute utility functions.
algorithms are needed. New attributes can also be added using the returned
CMS_SignerInfo struture and the CMS attribute utility functions.
@@
-52,8
+52,8
@@
The returned CMS_ContentInfo structure will be valid and finalized when this
flag is set.
If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
flag is set.
If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the
-
B<CMS_SIGNER_INO>
structure will not be finalized so additional attributes
-can be added. In this case an explicit call to CMS_SignerInfo_
S
ign() is
+
CMS_SignerInfo
structure will not be finalized so additional attributes
+can be added. In this case an explicit call to CMS_SignerInfo_
s
ign() is
needed to finalize it.
If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
needed to finalize it.
If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
@@
-74,10
+74,12
@@
identifier value instead. An error occurs if the signing certificate does not
have a subject key identifier extension.
If present the SMIMECapabilities attribute indicates support for the following
have a subject key identifier extension.
If present the SMIMECapabilities attribute indicates support for the following
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
-these algorithms is disabled then it will not be included.
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
-CMS_sign_add
_signers() returns an internal pointer to the CMS_SIGNER_INFO
+CMS_sign_add
1_signer() returns an internal pointer to the CMS_SignerInfo
structure just added, this can be used to set additional attributes
before it is finalized.
structure just added, this can be used to set additional attributes
before it is finalized.