]>
Commit | Line | Data |
---|---|---|
e33ffaca DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
c952780c RS |
5 | CMS_SignerInfo_set1_signer_cert, |
6 | CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, | |
3ba4dac6 | 7 | CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp |
c952780c | 8 | - CMS signedData signer functions |
e33ffaca DSH |
9 | |
10 | =head1 SYNOPSIS | |
11 | ||
12 | #include <openssl/cms.h> | |
13 | ||
14 | STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms); | |
15 | ||
e9b77246 BB |
16 | int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid, |
17 | X509_NAME **issuer, ASN1_INTEGER **sno); | |
da15c616 | 18 | ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si); |
e33ffaca DSH |
19 | int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert); |
20 | void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer); | |
21 | ||
22 | =head1 DESCRIPTION | |
23 | ||
24 | The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures | |
25 | associated with a CMS signedData structure. | |
26 | ||
27 | CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier | |
28 | associated with a specific CMS_SignerInfo structure B<si>. Either the | |
29 | keyidentifier will be set in B<keyid> or B<both> issuer name and serial number | |
30 | in B<issuer> and B<sno>. | |
31 | ||
1bc74519 | 32 | CMS_SignerInfo_get0_signature() retrieves the signature associated with |
da15c616 DSH |
33 | B<si> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned |
34 | corresponds to the internal signature value if B<si> so it may be read or | |
35 | modified. | |
36 | ||
c420fab5 | 37 | CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer |
e33ffaca DSH |
38 | identifier B<si>. It returns zero if the comparison is successful and non zero |
39 | if not. | |
40 | ||
41 | CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to | |
42 | B<signer>. | |
43 | ||
44 | =head1 NOTES | |
45 | ||
46 | The main purpose of these functions is to enable an application to lookup | |
47 | signers certificates using any appropriate technique when the simpler method | |
48 | of CMS_verify() is not appropriate. | |
49 | ||
50 | In typical usage and application will retrieve all CMS_SignerInfo structures | |
51 | using CMS_get0_SignerInfo() and retrieve the identifier information using | |
52 | CMS. It will then obtain the signer certificate by some unspecified means | |
53 | (or return and error if it cannot be found) and set it using | |
54 | CMS_SignerInfo_set1_signer_cert(). | |
55 | ||
56 | Once all signer certificates have been set CMS_verify() can be used. | |
57 | ||
34e4a964 | 58 | Although CMS_get0_SignerInfos() can return NULL if an error occurs B<or> if |
e33ffaca DSH |
59 | there are no signers this is not a problem in practice because the only |
60 | error which can occur is if the B<cms> structure is not of type signedData | |
61 | due to application error. | |
62 | ||
63 | =head1 RETURN VALUES | |
64 | ||
65 | CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there | |
66 | are no signers or an error occurs. | |
67 | ||
68 | CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure. | |
69 | ||
70 | CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non | |
71 | zero otherwise. | |
72 | ||
73 | CMS_SignerInfo_set1_signer_cert() does not return a value. | |
74 | ||
9b86974e | 75 | Any error can be obtained from L<ERR_get_error(3)> |
e33ffaca DSH |
76 | |
77 | =head1 SEE ALSO | |
78 | ||
9b86974e | 79 | L<ERR_get_error(3)>, L<CMS_verify(3)> |
e33ffaca | 80 | |
e2f92610 RS |
81 | =head1 COPYRIGHT |
82 | ||
83cf7abf | 83 | Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 84 | |
4746f25a | 85 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
86 | this file except in compliance with the License. You can obtain a copy |
87 | in the file LICENSE in the source distribution or at | |
88 | L<https://www.openssl.org/source/license.html>. | |
89 | ||
90 | =cut |