1*e7be843bSPierre Pronchery=pod 2*e7be843bSPierre Pronchery 3*e7be843bSPierre Pronchery=head1 NAME 4*e7be843bSPierre Pronchery 5*e7be843bSPierre Proncheryossl_cms_sign_encrypt 6*e7be843bSPierre Pronchery- Create CMS envelope 7*e7be843bSPierre Pronchery 8*e7be843bSPierre Pronchery=head1 SYNOPSIS 9*e7be843bSPierre Pronchery 10*e7be843bSPierre Pronchery #include <openssl/cms.h> 11*e7be843bSPierre Pronchery 12*e7be843bSPierre Pronchery CMS_EnvelopedData *ossl_cms_sign_encrypt(BIO *data, X509 *sign_cert, STACK_OF(X509) *certs, 13*e7be843bSPierre Pronchery EVP_PKEY *sign_key, unsigned int sign_flags, 14*e7be843bSPierre Pronchery STACK_OF(X509) *enc_recip, const EVP_CIPHER *cipher, 15*e7be843bSPierre Pronchery unsigned int enc_flags, OSSL_LIB_CTX *libctx, 16*e7be843bSPierre Pronchery const char *propq); 17*e7be843bSPierre Pronchery 18*e7be843bSPierre Pronchery=head1 DESCRIPTION 19*e7be843bSPierre Pronchery 20*e7be843bSPierre Proncheryossl_cms_sign_encrypt() creates a B<CMS_EnvelopedData> structure for recipients in 21*e7be843bSPierre ProncheryI<enc_recip>. 22*e7be843bSPierre Pronchery 23*e7be843bSPierre ProncheryI<data> is signed using I<signcert> and I<signkey> to create B<CMS_SignedData> 24*e7be843bSPierre Proncheryand then encrypted using I<enc_recip> to create B<CMS_EnvelopedData>. 25*e7be843bSPierre ProncheryThe library context I<libctx> and the property query I<propq> are used 26*e7be843bSPierre Proncherywhen retrieving algorithms from providers. 27*e7be843bSPierre Pronchery 28*e7be843bSPierre ProncheryI<certs> is an optional additional set of certificates to include in the 29*e7be843bSPierre ProncheryB<CMS_SignedData> structure (e.g., any intermediate CAs in the chain of the signer certificate). 30*e7be843bSPierre Pronchery 31*e7be843bSPierre ProncheryI<sign_flags> is an optional set of flags for the signing operation. 32*e7be843bSPierre ProncherySee L<CMS_sign_ex(3)> for more information. 33*e7be843bSPierre Pronchery 34*e7be843bSPierre ProncheryI<enc_flags> is an optional set of flags for the encryption operation. 35*e7be843bSPierre ProncherySee L<CMS_encrypt_ex(3)> for more information. 36*e7be843bSPierre Pronchery 37*e7be843bSPierre Pronchery=head1 RETURN VALUES 38*e7be843bSPierre Pronchery 39*e7be843bSPierre ProncheryIf the allocation fails, ossl_cms_sign_encrypt() returns NULL and 40*e7be843bSPierre Proncherysets an error code that can be obtained by L<ERR_get_error(3)>. 41*e7be843bSPierre ProncheryOtherwise, it returns a pointer to the newly allocated structure. 42*e7be843bSPierre Pronchery 43*e7be843bSPierre Pronchery=head1 HISTORY 44*e7be843bSPierre Pronchery 45*e7be843bSPierre Proncheryossl_cms_sign_encrypt() was added in OpenSSL 3.5. 46*e7be843bSPierre Pronchery 47*e7be843bSPierre Pronchery=head1 COPYRIGHT 48*e7be843bSPierre Pronchery 49*e7be843bSPierre ProncheryCopyright 2023-2025 - 2024 The OpenSSL Project Authors. All Rights Reserved. 50*e7be843bSPierre Pronchery 51*e7be843bSPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 52*e7be843bSPierre Proncherythis file except in compliance with the License. You can obtain a copy 53*e7be843bSPierre Proncheryin the file LICENSE in the source distribution or at 54*e7be843bSPierre ProncheryL<https://www.openssl.org/source/license.html>. 55*e7be843bSPierre Pronchery 56*e7be843bSPierre Pronchery=cut 57