[thirdparty/openssl.git] / doc / man3 / CMS_get0_SignerInfos.pod

=pod

=head1 NAME

CMS_SignerInfo_set1_signer_cert,
CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id,
CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp
- CMS signedData signer functions

=head1 SYNOPSIS

 #include <openssl/cms.h>

 STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);

 int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
                                   X509_NAME **issuer, ASN1_INTEGER **sno);
 ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
 int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);

=head1 DESCRIPTION

The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures
associated with a CMS signedData structure.

CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
associated with a specific CMS_SignerInfo structure B<si>. Either the
keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
in B<issuer> and B<sno>.

CMS_SignerInfo_get0_signature() retrieves the signature associated with
B<si> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned
corresponds to the internal signature value if B<si> so it may be read or
modified.

CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
identifier B<si>. It returns zero if the comparison is successful and non zero
if not.

CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to
B<signer>.

=head1 NOTES

The main purpose of these functions is to enable an application to lookup
signers certificates using any appropriate technique when the simpler method
of CMS_verify() is not appropriate.

In typical usage and application will retrieve all CMS_SignerInfo structures
using CMS_get0_SignerInfo() and retrieve the identifier information using
CMS. It will then obtain the signer certificate by some unspecified means
(or return and error if it cannot be found) and set it using
CMS_SignerInfo_set1_signer_cert().

Once all signer certificates have been set CMS_verify() can be used.

Although CMS_get0_SignerInfos() can return NULL if an error occurs B<or> if
there are no signers this is not a problem in practice because the only
error which can occur is if the B<cms> structure is not of type signedData
due to application error.

=head1 RETURN VALUES

CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there
are no signers or an error occurs.

CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.

CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non
zero otherwise.

CMS_SignerInfo_set1_signer_cert() does not return a value.

Any error can be obtained from L<ERR_get_error(3)>

=head1 SEE ALSO

L<ERR_get_error(3)>, L<CMS_verify(3)>

=head1 COPYRIGHT

Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
e33ffaca DSH	1	=pod
	2
	3	=head1 NAME
	4
c952780c RS	5	CMS_SignerInfo_set1_signer_cert,
c952780c RS	6	CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id,
3ba4dac6	7	CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp
c952780c	8	- CMS signedData signer functions
e33ffaca DSH	9
	10	=head1 SYNOPSIS
	11
	12	#include <openssl/cms.h>
	13
	14	STACK_OF(CMS_SignerInfo) CMS_get0_SignerInfos(CMS_ContentInfo cms);
	15
e9b77246 BB	16	int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo si, ASN1_OCTET_STRING *keyid,
e9b77246 BB	17	X509_NAME issuer, ASN1_INTEGER sno);
da15c616	18	ASN1_OCTET_STRING CMS_SignerInfo_get0_signature(CMS_SignerInfo si);
e33ffaca DSH	19	int CMS_SignerInfo_cert_cmp(CMS_SignerInfo si, X509 cert);
	20	void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo si, X509 signer);
	21
	22	=head1 DESCRIPTION
	23
	24	The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures
	25	associated with a CMS signedData structure.
	26
	27	CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
	28	associated with a specific CMS_SignerInfo structure B<si>. Either the
	29	keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
	30	in B<issuer> and B<sno>.
	31
1bc74519	32	CMS_SignerInfo_get0_signature() retrieves the signature associated with
da15c616 DSH	33	B<si> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned
	34	corresponds to the internal signature value if B<si> so it may be read or
	35	modified.
	36
c420fab5	37	CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
e33ffaca DSH	38	identifier B<si>. It returns zero if the comparison is successful and non zero
	39	if not.
	40
	41	CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to
	42	B<signer>.
	43
	44	=head1 NOTES
	45
	46	The main purpose of these functions is to enable an application to lookup
	47	signers certificates using any appropriate technique when the simpler method
	48	of CMS_verify() is not appropriate.
	49
	50	In typical usage and application will retrieve all CMS_SignerInfo structures
	51	using CMS_get0_SignerInfo() and retrieve the identifier information using
	52	CMS. It will then obtain the signer certificate by some unspecified means
	53	(or return and error if it cannot be found) and set it using
	54	CMS_SignerInfo_set1_signer_cert().
	55
	56	Once all signer certificates have been set CMS_verify() can be used.
	57
34e4a964	58	Although CMS_get0_SignerInfos() can return NULL if an error occurs B<or> if
e33ffaca DSH	59	there are no signers this is not a problem in practice because the only
	60	error which can occur is if the B<cms> structure is not of type signedData
	61	due to application error.
	62
	63	=head1 RETURN VALUES
	64
	65	CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there
	66	are no signers or an error occurs.
	67
	68	CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.
	69
	70	CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non
	71	zero otherwise.
	72
	73	CMS_SignerInfo_set1_signer_cert() does not return a value.
	74
9b86974e	75	Any error can be obtained from L<ERR_get_error(3)>
e33ffaca DSH	76
	77	=head1 SEE ALSO
	78
9b86974e	79	L<ERR_get_error(3)>, L<CMS_verify(3)>
e33ffaca	80
e2f92610 RS	81	=head1 COPYRIGHT
e2f92610 RS	82
83cf7abf	83	Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	84
4746f25a	85	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	86	this file except in compliance with the License. You can obtain a copy
	87	in the file LICENSE in the source distribution or at
	88	L<https://www.openssl.org/source/license.html>.
	89
	90	=cut