.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "CMS_GET0_RECIPIENTINFOS 3" .TH CMS_GET0_RECIPIENTINFOS 3 "2020-04-21" "1.1.1g" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id, CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt \&\- CMS envelopedData RecipientInfo routines .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& #include \& \& STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms); \& int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); \& \& int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, \& ASN1_OCTET_STRING **keyid, \& X509_NAME **issuer, \& ASN1_INTEGER **sno); \& int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); \& int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey); \& \& int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, \& ASN1_OCTET_STRING **pid, \& ASN1_GENERALIZEDTIME **pdate, \& ASN1_OBJECT **potherid, \& ASN1_TYPE **pothertype); \& int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, \& const unsigned char *id, size_t idlen); \& int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, \& unsigned char *key, size_t keylen); \& \& int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); \& int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" The function \fBCMS_get0_RecipientInfos()\fR returns all the CMS_RecipientInfo structures associated with a \s-1CMS\s0 EnvelopedData structure. .PP \&\fBCMS_RecipientInfo_type()\fR returns the type of CMS_RecipientInfo structure \fBri\fR. It will currently return \s-1CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS,\s0 or \s-1CMS_RECIPINFO_OTHER.\s0 .PP \&\fBCMS_RecipientInfo_ktri_get0_signer_id()\fR retrieves the certificate recipient identifier associated with a specific CMS_RecipientInfo structure \fBri\fR, which must be of type \s-1CMS_RECIPINFO_TRANS.\s0 Either the keyidentifier will be set in \&\fBkeyid\fR or \fBboth\fR issuer name and serial number in \fBissuer\fR and \fBsno\fR. .PP \&\fBCMS_RecipientInfo_ktri_cert_cmp()\fR compares the certificate \fBcert\fR against the CMS_RecipientInfo structure \fBri\fR, which must be of type \s-1CMS_RECIPINFO_TRANS.\s0 It returns zero if the comparison is successful and non zero if not. .PP \&\fBCMS_RecipientInfo_set0_pkey()\fR associates the private key \fBpkey\fR with the CMS_RecipientInfo structure \fBri\fR, which must be of type \&\s-1CMS_RECIPINFO_TRANS.\s0 .PP \&\fBCMS_RecipientInfo_kekri_get0_id()\fR retrieves the key information from the CMS_RecipientInfo structure \fBri\fR which must be of type \s-1CMS_RECIPINFO_KEK.\s0 Any of the remaining parameters can be \s-1NULL\s0 if the application is not interested in the value of a field. Where a field is optional and absent \s-1NULL\s0 will be written to the corresponding parameter. The keyEncryptionAlgorithm field is written to \&\fBpalg\fR, the \fBkeyIdentifier\fR field is written to \fBpid\fR, the \fBdate\fR field if present is written to \fBpdate\fR, if the \fBother\fR field is present the components \&\fBkeyAttrId\fR and \fBkeyAttr\fR are written to parameters \fBpotherid\fR and \&\fBpothertype\fR. .PP \&\fBCMS_RecipientInfo_kekri_id_cmp()\fR compares the \s-1ID\s0 in the \fBid\fR and \fBidlen\fR parameters against the \fBkeyIdentifier\fR CMS_RecipientInfo structure \fBri\fR, which must be of type \s-1CMS_RECIPINFO_KEK.\s0 It returns zero if the comparison is successful and non zero if not. .PP \&\fBCMS_RecipientInfo_set0_key()\fR associates the symmetric key \fBkey\fR of length \&\fBkeylen\fR with the CMS_RecipientInfo structure \fBri\fR, which must be of type \&\s-1CMS_RECIPINFO_KEK.\s0 .PP \&\fBCMS_RecipientInfo_decrypt()\fR attempts to decrypt CMS_RecipientInfo structure \&\fBri\fR in structure \fBcms\fR. A key must have been associated with the structure first. .PP \&\fBCMS_RecipientInfo_encrypt()\fR attempts to encrypt CMS_RecipientInfo structure \&\fBri\fR in structure \fBcms\fR. A key must have been associated with the structure first and the content encryption key must be available: for example by a previous call to \fBCMS_RecipientInfo_decrypt()\fR. .SH "NOTES" .IX Header "NOTES" The main purpose of these functions is to enable an application to lookup recipient keys using any appropriate technique when the simpler method of \fBCMS_decrypt()\fR is not appropriate. .PP In typical usage and application will retrieve all CMS_RecipientInfo structures using \fBCMS_get0_RecipientInfos()\fR and check the type of each using \&\fBCMS_RecipientInfo_type()\fR. Depending on the type the CMS_RecipientInfo structure can be ignored or its key identifier data retrieved using an appropriate function. Then if the corresponding secret or private key can be obtained by any appropriate means it can then associated with the structure and \&\fBCMS_RecipientInfo_decrypt()\fR called. If successful \fBCMS_decrypt()\fR can be called with a \s-1NULL\s0 key to decrypt the enveloped content. .PP The \fBCMS_RecipientInfo_encrypt()\fR can be used to add a new recipient to an existing enveloped data structure. Typically an application will first decrypt an appropriate CMS_RecipientInfo structure to make the content encrypt key available, it will then add a new recipient using a function such as \&\fBCMS_add1_recipient_cert()\fR and finally encrypt the content encryption key using \fBCMS_RecipientInfo_encrypt()\fR. .SH "RETURN VALUES" .IX Header "RETURN VALUES" \&\fBCMS_get0_RecipientInfos()\fR returns all CMS_RecipientInfo structures, or \s-1NULL\s0 if an error occurs. .PP \&\fBCMS_RecipientInfo_ktri_get0_signer_id()\fR, \fBCMS_RecipientInfo_set0_pkey()\fR, \&\fBCMS_RecipientInfo_kekri_get0_id()\fR, \fBCMS_RecipientInfo_set0_key()\fR and \&\fBCMS_RecipientInfo_decrypt()\fR return 1 for success or 0 if an error occurs. \&\fBCMS_RecipientInfo_encrypt()\fR return 1 for success or 0 if an error occurs. .PP \&\fBCMS_RecipientInfo_ktri_cert_cmp()\fR and \fBCMS_RecipientInfo_kekri_cmp()\fR return 0 for a successful comparison and non zero otherwise. .PP Any error can be obtained from \fBERR_get_error\fR\|(3). .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fBERR_get_error\fR\|(3), \fBCMS_decrypt\fR\|(3) .SH "COPYRIGHT" .IX Header "COPYRIGHT" Copyright 2008\-2016 The OpenSSL Project Authors. All Rights Reserved. .PP Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at .