centos man page for cms_add0_recipient_key

Centos Man Pages All Man Pages Latest Topics Forum Categories

Query: cms_add0_recipient_key

OS: centos

Section: 3

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

CMS_add1_recipient_cert(3)					      OpenSSL						CMS_add1_recipient_cert(3)


NAME

	CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure


SYNOPSIS

	#include <openssl/cms.h>

	CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags);

	CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key, size_t keylen, unsigned char *id, size_t idlen, ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType);


DESCRIPTION

       CMS_add1_recipient_cert() adds recipient recip to CMS_ContentInfo enveloped data structure cms as a KeyTransRecipientInfo structure.

       CMS_add0_recipient_key() adds symmetric key key of length keylen using wrapping algorithm nid, identifier id of length idlen and optional
       values date, otherTypeId and otherType to CMS_ContentInfo enveloped data structure cms as a KEKRecipientInfo structure.

       The CMS_ContentInfo structure should be obtained from an initial call to CMS_encrypt() with the flag CMS_PARTIAL set.


NOTES

       The main purpose of this function is to provide finer control over a CMS enveloped data structure where the simpler CMS_encrypt() function
       defaults are not appropriate. For example if one or more KEKRecipientInfo structures need to be added. New attributes can also be added
       using the returned CMS_RecipientInfo structure and the CMS attribute utility functions.

       OpenSSL will by default identify recipient certificates using issuer name and serial number. If CMS_USE_KEYID is set it will use the
       subject key identifier value instead. An error occurs if all recipient certificates do not have a subject key identifier extension.

       Currently only AES based key wrapping algorithms are supported for nid, specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and
       NID_id_aes256_wrap.  If nid is set to NID_undef then an AES wrap algorithm will be used consistent with keylen.


RETURN VALUES

       CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal pointer to the CMS_RecipientInfo structure just added or NULL if
       an error occurs.


SEE ALSO

       ERR_get_error(3), CMS_decrypt(3), CMS_final(3),


HISTORY

       CMS_add1_recipient_cert() and CMS_add0_recipient_key() were added to OpenSSL 0.9.8

1.0.1e								    2013-02-11						CMS_add1_recipient_cert(3)
Related Man Pages
cms_recipientinfo_kekri_get0_id(3) - centos
cms_recipientinfo_decrypt(3) - centos
cms_add0_recipient_key(3) - centos
cms_encrypt(3ssl) - linux
cms_add0_recipient_key(3ssl) - linux
Similar Topics in the Unix Linux Community
Best performance UNIX just for HOST Virtualization?
DB2 convert digits to binary format
CentOS7 restoring file capabilities
Controlling user input
Please Welcome Dave Munro to the Moderator Team!