xref: /freebsd/crypto/openssl/doc/man3/CMS_add0_cert.pod (revision 058ac3e8063366dafa634d9107642e12b038bf09)
1=pod
2
3=head1 NAME
4
5CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls
6- CMS certificate and CRL utility functions
7
8=head1 SYNOPSIS
9
10 #include <openssl/cms.h>
11
12 int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
13 int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
14 STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
15
16 int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
17 int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
18 STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
19
20=head1 DESCRIPTION
21
22CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms>.
23I<cms> must be of type signed data or (authenticated) enveloped data.
24For signed data, such a certificate can be used when signing or verifying
25to fill in the signer certificate or to provide an extra CA certificate
26that may be needed for chain building in certificate validation.
27
28CMS_get1_certs() returns all certificates in I<cms>.
29
30CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>.
31I<cms> must be of type signed data or (authenticated) enveloped data.
32For signed data, such a CRL may be used in certificate validation.
33It may be given both for inclusion when signing a CMS message
34and when verifying a signed CMS message.
35
36CMS_get1_crls() returns all CRLs in I<cms>.
37
38=head1 NOTES
39
40The CMS_ContentInfo structure I<cms> must be of type signed data or enveloped
41data or an error will be returned.
42
43For signed data certificates and CRLs are added to the I<certificates> and
44I<crls> fields of SignedData structure. For enveloped data they are added to
45B<OriginatorInfo>.
46
47As the I<0> implies CMS_add0_cert() adds I<cert> internally to I<cms> and it
48must not be freed up after the call as opposed to CMS_add1_cert() where I<cert>
49must be freed up.
50
51The same certificate or CRL must not be added to the same cms structure more
52than once.
53
54=head1 RETURN VALUES
55
56CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
571 for success and 0 for failure.
58
59CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
60or NULL if there are none or an error occurs. The only error which will occur
61in practice is if the I<cms> type is invalid.
62
63=head1 SEE ALSO
64
65L<ERR_get_error(3)>,
66L<CMS_sign(3)>,
67L<CMS_encrypt(3)>
68
69=head1 COPYRIGHT
70
71Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.
72
73Licensed under the OpenSSL license (the "License").  You may not use
74this file except in compliance with the License.  You can obtain a copy
75in the file LICENSE in the source distribution or at
76L<https://www.openssl.org/source/license.html>.
77
78=cut
79