xref: /freebsd/crypto/openssl/doc/man3/PKCS7_sign.pod (revision e32fecd0c2c3ee37c47ee100f169e7eb0282a873)
1=pod
2
3=head1 NAME
4
5PKCS7_sign - create a PKCS#7 signedData structure
6
7=head1 SYNOPSIS
8
9 #include <openssl/pkcs7.h>
10
11 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
12                   BIO *data, int flags);
13
14=head1 DESCRIPTION
15
16PKCS7_sign() creates and returns a PKCS#7 signedData structure.
17I<signcert> is the certificate to sign with, I<pkey> is the corresponding
18private key. I<certs> is an optional set of extra certificates to include
19in the PKCS#7 structure (for example any intermediate CAs in the chain).
20
21The data to be signed is read from BIO I<data>.
22
23I<flags> is an optional set of flags.
24
25Any of the following flags (ored together) can be passed in the I<flags>
26
27Many S/MIME clients expect the signed content to include valid MIME headers. If
28the B<PKCS7_TEXT> flag is set MIME headers for type C<text/plain> are prepended
29to the data.
30
31If B<PKCS7_NOCERTS> is set the signer's certificate and the extra I<certs>
32will not be included in the PKCS7 structure.
33The signer's certificate must still be supplied in the I<signcert> parameter
34though. This can reduce the size of the signatures if the signer's certificates
35can be obtained by other means: for example a previously signed message.
36
37The data being signed is included in the PKCS7 structure, unless
38B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
39detached signatures which are used in S/MIME plaintext signed messages for
40example.
41
42Normally the supplied content is translated into MIME canonical format (as
43required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
44occurs. This option should be used if the supplied data is in binary format
45otherwise the translation will corrupt it.
46
47The signedData structure includes several PKCS#7 authenticatedAttributes
48including the signing time, the PKCS#7 content type and the supported list of
49ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
50authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
51the SMIMECapabilities are omitted.
52
53If present the SMIMECapabilities attribute indicates support for the following
54algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
55these algorithms is disabled then it will not be included.
56
57If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
58just initialized ready to perform the signing operation. The signing is however
59B<not> performed and the data to be signed is not read from the I<data>
60parameter. Signing is deferred until after the data has been written. In this
61way data can be signed in a single pass.
62
63If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
64which additional signers and capabilities can be added before finalization.
65
66=head1 NOTES
67
68If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
69complete and outputting its contents via a function that does not properly
70finalize the B<PKCS7> structure will give unpredictable results.
71
72Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
73PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
74can be performed by obtaining the streaming ASN1 B<BIO> directly using
75BIO_new_PKCS7().
76
77If a signer is specified it will use the default digest for the signing
78algorithm. This is B<SHA1> for both RSA and DSA keys.
79
80The I<certs>, I<signcert> and I<pkey> parameters can all be
81NULL if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
82using the function PKCS7_sign_add_signer(). PKCS7_final() must also be
83called to finalize the structure if streaming is not enabled. Alternative
84signing digests can also be specified using this method.
85
86If I<signcert> and I<pkey> are NULL then a certificates only
87PKCS#7 structure is output.
88
89In versions of OpenSSL before 1.0.0 the I<signcert> and I<pkey> parameters must
90not be NULL.
91
92=head1 BUGS
93
94Some advanced attributes such as counter signatures are not supported.
95
96=head1 RETURN VALUES
97
98PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
99occurred.  The error can be obtained from ERR_get_error(3).
100
101=head1 SEE ALSO
102
103L<ERR_get_error(3)>, L<PKCS7_verify(3)>
104
105=head1 HISTORY
106
107The B<PKCS7_PARTIAL> flag, and the ability for I<certs>, I<signcert>,
108and I<pkey> parameters to be NULL were added in OpenSSL 1.0.0.
109
110The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
111
112=head1 COPYRIGHT
113
114Copyright 2002-2022 The OpenSSL Project Authors. All Rights Reserved.
115
116Licensed under the OpenSSL license (the "License").  You may not use
117this file except in compliance with the License.  You can obtain a copy
118in the file LICENSE in the source distribution or at
119L<https://www.openssl.org/source/license.html>.
120
121=cut
122