minor cleanup:

* add the missing STANDARDS section * mark up ASN.1 type names * avoid some repetitions * make some lists more palatable in -column form * and minor wording improvements and typo fixes
author: schwarze <> 2019-08-17 14:41:01 +0000
committer: schwarze <> 2019-08-17 14:41:01 +0000
commit: 828cf47420406660396ab34261a41d0fcd3ec1bb (patch)
tree: c957dd7b5275faffe0770a18e2ad48a35dfdce78 /src
parent: e7263003444524c1b7479a6fefb97059481001b9 (diff)
download: openbsd-828cf47420406660396ab34261a41d0fcd3ec1bb.tar.gz
openbsd-828cf47420406660396ab34261a41d0fcd3ec1bb.tar.bz2
openbsd-828cf47420406660396ab34261a41d0fcd3ec1bb.zip
1 files changed, 88 insertions, 89 deletions
diff --git a/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 b/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3
index 6bf506dfbe..fc62d3a08b 100644
--- a/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3
+++ b/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: CMS_get0_RecipientInfos.3,v 1.4 2019/08/11 12:46:38 schwarze Exp $
+.\" $OpenBSD: CMS_get0_RecipientInfos.3,v 1.5 2019/08/17 14:41:01 schwarze Exp $
 .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 11 2019 $
+.Dd $Mdocdate: August 17 2019 $
 .Dt CMS_GET0_RECIPIENTINFOS 3
 .Os
 .Sh NAME
@@ -62,7 +62,7 @@
 .Nm CMS_RecipientInfo_set0_key ,
 .Nm CMS_RecipientInfo_decrypt ,
 .Nm CMS_RecipientInfo_encrypt
-.Nd CMS envelopedData RecipientInfo routines
+.Nd CMS EnvelopedData RecipientInfo routines
 .Sh SYNOPSIS
 .In openssl/cms.h
 .Ft STACK_OF(CMS_RecipientInfo) *
@@ -83,7 +83,7 @@
 .Ft int
 .Fo CMS_RecipientInfo_ktri_cert_cmp
 .Fa "CMS_RecipientInfo *ri"
-.Fa "X509 *cert"
+.Fa "X509 *certificate"
 .Fc
 .Ft int
 .Fo CMS_RecipientInfo_set0_pkey
@@ -122,138 +122,120 @@
 .Fa "CMS_RecipientInfo *ri"
 .Fc
 .Sh DESCRIPTION
-The function
 .Fn CMS_get0_RecipientInfos
 returns all the
-.Vt CMS_RecipientInfo
+.Vt RecipientInfo
-structures associated with a CMS EnvelopedData structure.
+structures associated with the
+.Vt EnvelopedData
+structure
+.Fa cms .
 .Pp
 .Fn CMS_RecipientInfo_type
-returns the type of the
+returns the type of
-.Vt CMS_RecipientInfo
+.Fa ri :
-structure
+.Bl -column CMS_RECIPINFO_TRANS for -compact
-.Fa ri .
+.It Dv CMS_RECIPINFO_TRANS Ta for Ta Vt KeyTransRecipientInfo ,
-It will currently return
+.It Dv CMS_RECIPINFO_AGREE Ta for Ta Vt KeyAgreeRecipientInfo ,
-.Dv CMS_RECIPINFO_TRANS ,
+.It Dv CMS_RECIPINFO_KEK   Ta for Ta Vt KEKRecipientInfo ,
-.Dv CMS_RECIPINFO_AGREE ,
+.It Dv CMS_RECIPINFO_PASS  Ta for Ta Vt PasswordRecipientinfo , No or
-.Dv CMS_RECIPINFO_KEK ,
+.It Dv CMS_RECIPINFO_OTHER Ta for Ta Vt OtherRecipientInfo .
-.Dv CMS_RECIPINFO_PASS ,
+.El
-or
-.Dv CMS_RECIPINFO_OTHER .
 .Pp
 .Fn CMS_RecipientInfo_ktri_get0_signer_id
-retrieves the certificate recipient identifier associated with a
+retrieves the certificate
-specific
+.Vt RecipientIdentifier
-.Vt CMS_RecipientInfo
+associated with the
+.Vt KeyTransRecipientInfo
 structure
-.Fa ri ,
+.Fa ri .
-which must be of type
+Either the
-.Dv CMS_RECIPINFO_TRANS .
+.Vt SubjectKeyIdentifier
-Either the keyidentifier will be set in
+will be set in
 .Fa keyid
-or
+or both issuer name and serial number in
-.Em both
-issuer name and serial number in
 .Fa issuer
 and
 .Fa sno .
 .Pp
 .Fn CMS_RecipientInfo_ktri_cert_cmp
-compares the certificate
+compares the
-.Fa cert
+.Fa certificate
 against the
-.Vt CMS_RecipientInfo
+.Vt KeyTransRecipientInfo
 structure
-.Fa ri ,
+.Fa ri .
-which must be of type
-.Dv CMS_RECIPINFO_TRANS .
-It returns zero if the comparison is successful or non-zero if not.
 .Pp
 .Fn CMS_RecipientInfo_set0_pkey
 associates the private key
 .Fa pkey
 with the
-.Vt CMS_RecipientInfo
+.Vt KeyTransRecipientInfo
 structure
-.Fa ri ,
+.Fa ri .
-which must be of type
-.Dv CMS_RECIPINFO_TRANS .
 .Pp
 .Fn CMS_RecipientInfo_kekri_get0_id
 retrieves the key information from the
-.Vt CMS_RecipientInfo
+.Vt KEKRecipientInfo
 structure
-.Fa ri
+.Fa ri .
-which must be of type
+Fields are copied out as follows:
-.Dv CMS_RECIPINFO_KEK .
+.Bl -column keyEncryptionAlgorithm to -compact
-Any of the remaining parameters can be
+.It Fa keyEncryptionAlgorithm Ta to Ta Pf * Fa palg ,
-.Dv NULL
+.It Fa keyIdentifier          Ta to Ta Pf * Fa pid ,
-if the application is not interested in the value of a field.
+.It Fa date                   Ta to Ta Pf * Fa pdate Pq optional ,
+.It Fa other.keyAttrId        Ta to Ta Pf * Fa potherid Pq optional ,
+.It Fa other.keyAttr          Ta to Ta Pf * Fa pothertype Pq optional .
+.El
 Where a field is optional and absent,
 .Dv NULL
-will be written to the corresponding parameter.
+is written to the corresponding parameter.
-The keyEncryptionAlgorithm field is written to
+Parameters the application is not interested in can be set to
-.Fa palg ,
+.Dv NULL .
-the keyIdentifier field is written to
-.Fa pid ,
-the
-.Sy date
-field if present is written to
-.Fa pdate .
-If the
-.Sy other
-field is present the components
-.Sy keyAttrId
-and
-.Sy keyAttr
-are written to the parameters
-.Fa potherid
-and
-.Fa pothertype .
 .Pp
 .Fn CMS_RecipientInfo_kekri_id_cmp
-compares the ID in the
+compares the identifier in the
 .Fa id
 and
 .Fa idlen
-parameters against the keyIdentifier
+parameters against the
-.Vt CMS_RecipientInfo
+.Fa keyIdentifier
+field of the
+.Vt KEKRecipientInfo
 structure
-.Fa ri ,
+.Fa ri .
-which must be of type
-.Dv CMS_RECIPINFO_KEK .
-It returns zero if the comparison is successful or non-zero if not.
 .Pp
 .Fn CMS_RecipientInfo_set0_key
-associates the symmetric key
+associates the symmetric
 .Fa key
 of length
 .Fa keylen
 with the
-.Vt CMS_RecipientInfo
+.Vt KEKRecipientInfo
 structure
-.Fa ri ,
+.Fa ri .
-which must be of type
-.Dv CMS_RECIPINFO_KEK .
 .Pp
 .Fn CMS_RecipientInfo_decrypt
 attempts to decrypt the
-.Vt CMS_RecipientInfo
+.Vt RecipientInfo
 structure
 .Fa ri
-in structure
+in
 .Fa cms .
-A key must have been associated with the structure first.
+A key must have been associated with
+.Fa ri
+first.
 .Pp
 .Fn CMS_RecipientInfo_encrypt
 attempts to encrypt the
-.Vt CMS_RecipientInfo
+.Vt RecipientInfo
 structure
 .Fa ri
-in structure
+in
 .Fa cms .
-A key must have been associated with the structure first and the content
+A key must have been associated with
-encryption key must be available: for example by a previous call to
+.Fa ri
+first and the content encryption key must be available,
+for example by a previous call to
 .Fn CMS_RecipientInfo_decrypt .
 .Pp
 The main purpose of these functions is to enable an application to
@@ -262,11 +244,11 @@ method of
 .Xr CMS_decrypt 3
 is not appropriate.
 .Pp
-In typical usage, an application will retrieve all
+In typical usage, an application retrieves all
 .Vt CMS_RecipientInfo
 structures using
 .Fn CMS_get0_RecipientInfos
-and check the type of each using
+and checks the type of each using
 .Fn CMS_RecipientInfo_type .
 Depending on the type, the
 .Vt CMS_RecipientInfo
@@ -289,18 +271,21 @@ structure.
 Typically an application will first decrypt an appropriate
 .Vt CMS_RecipientInfo
 structure to make the content encrypt key available.
-Ot will then add a new recipient using a function such as
+It will then add a new recipient using a function such as
 .Xr CMS_add1_recipient_cert 3
 and finally encrypt the content encryption key using
 .Fn CMS_RecipientInfo_encrypt .
 .Sh RETURN VALUES
 .Fn CMS_get0_RecipientInfos
-returns all
+returns an internal pointer to all the
 .Vt CMS_RecipientInfo
 structures, or
 .Dv NULL
 if an error occurs.
 .Pp
+.Fn CMS_RecipientInfo_type
+returns an integer constant.
+.Pp
 .Fn CMS_RecipientInfo_ktri_get0_signer_id ,
 .Fn CMS_RecipientInfo_set0_pkey ,
 .Fn CMS_RecipientInfo_kekri_get0_id ,
@@ -313,12 +298,26 @@ return 1 for success or 0 if an error occurs.
 .Fn CMS_RecipientInfo_ktri_cert_cmp
 and
 .Fn CMS_RecipientInfo_kekri_id_cmp
-return 0 for a successful comparison or non-zero otherwise.
+return 0 when
+.Fa ri
+matches or non-zero otherwise.
 .Pp
 Any error can be obtained from
 .Xr ERR_get_error 3 .
 .Sh SEE ALSO
 .Xr CMS_decrypt 3
+.Sh STANDARDS
+RFC 5652 Cryptographic Message Syntax (CMS):
+.Bl -dash -compact -offset indent
+.It
+section 6.1: EnvelopedData Type
+.It
+section 6.2: RecipientInfo Type
+.It
+section 6.2.1: KeyTransRecipientInfo Type
+.It
+section 6.2.3: KEKRecipientInfo Type
+.El
 .Sh HISTORY
 These functions first appeared in OpenSSL 0.9.8h,
 except that
author	schwarze <>	2019-08-17 14:41:01 +0000
committer	schwarze <>	2019-08-17 14:41:01 +0000
commit	828cf47420406660396ab34261a41d0fcd3ec1bb (patch)
tree	c957dd7b5275faffe0770a18e2ad48a35dfdce78 /src
parent	e7263003444524c1b7479a6fefb97059481001b9 (diff)
download	openbsd-828cf47420406660396ab34261a41d0fcd3ec1bb.tar.gz openbsd-828cf47420406660396ab34261a41d0fcd3ec1bb.tar.bz2 openbsd-828cf47420406660396ab34261a41d0fcd3ec1bb.zip

diff --git a/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 b/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 index 6bf506dfbe..fc62d3a08b 100644 --- a/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3 +++ b/src/lib/libcrypto/man/CMS_get0_RecipientInfos.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: CMS_get0_RecipientInfos.3,v 1.4 2019/08/11 12:46:38 schwarze Exp $	1	.\" $OpenBSD: CMS_get0_RecipientInfos.3,v 1.5 2019/08/17 14:41:01 schwarze Exp $
2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100	2	.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: August 11 2019 $	51	.Dd $Mdocdate: August 17 2019 $
52	.Dt CMS_GET0_RECIPIENTINFOS 3	52	.Dt CMS_GET0_RECIPIENTINFOS 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -62,7 +62,7 @@
62	.Nm CMS_RecipientInfo_set0_key ,	62	.Nm CMS_RecipientInfo_set0_key ,
63	.Nm CMS_RecipientInfo_decrypt ,	63	.Nm CMS_RecipientInfo_decrypt ,
64	.Nm CMS_RecipientInfo_encrypt	64	.Nm CMS_RecipientInfo_encrypt
65	.Nd CMS envelopedData RecipientInfo routines	65	.Nd CMS EnvelopedData RecipientInfo routines
66	.Sh SYNOPSIS	66	.Sh SYNOPSIS
67	.In openssl/cms.h	67	.In openssl/cms.h
68	.Ft STACK_OF(CMS_RecipientInfo) *	68	.Ft STACK_OF(CMS_RecipientInfo) *
@@ -83,7 +83,7 @@
83	.Ft int	83	.Ft int
84	.Fo CMS_RecipientInfo_ktri_cert_cmp	84	.Fo CMS_RecipientInfo_ktri_cert_cmp
85	.Fa "CMS_RecipientInfo *ri"	85	.Fa "CMS_RecipientInfo *ri"
86	.Fa "X509 *cert"	86	.Fa "X509 *certificate"
87	.Fc	87	.Fc
88	.Ft int	88	.Ft int
89	.Fo CMS_RecipientInfo_set0_pkey	89	.Fo CMS_RecipientInfo_set0_pkey
@@ -122,138 +122,120 @@
122	.Fa "CMS_RecipientInfo *ri"	122	.Fa "CMS_RecipientInfo *ri"
123	.Fc	123	.Fc
124	.Sh DESCRIPTION	124	.Sh DESCRIPTION
125	The function
126	.Fn CMS_get0_RecipientInfos	125	.Fn CMS_get0_RecipientInfos
127	returns all the	126	returns all the
128	.Vt CMS_RecipientInfo	127	.Vt RecipientInfo
129	structures associated with a CMS EnvelopedData structure.	128	structures associated with the
		129	.Vt EnvelopedData
		130	structure
		131	.Fa cms .
130	.Pp	132	.Pp
131	.Fn CMS_RecipientInfo_type	133	.Fn CMS_RecipientInfo_type
132	returns the type of the	134	returns the type of
133	.Vt CMS_RecipientInfo	135	.Fa ri :
134	structure	136	.Bl -column CMS_RECIPINFO_TRANS for -compact
135	.Fa ri .	137	.It Dv CMS_RECIPINFO_TRANS Ta for Ta Vt KeyTransRecipientInfo ,
136	It will currently return	138	.It Dv CMS_RECIPINFO_AGREE Ta for Ta Vt KeyAgreeRecipientInfo ,
137	.Dv CMS_RECIPINFO_TRANS ,	139	.It Dv CMS_RECIPINFO_KEK Ta for Ta Vt KEKRecipientInfo ,
138	.Dv CMS_RECIPINFO_AGREE ,	140	.It Dv CMS_RECIPINFO_PASS Ta for Ta Vt PasswordRecipientinfo , No or
139	.Dv CMS_RECIPINFO_KEK ,	141	.It Dv CMS_RECIPINFO_OTHER Ta for Ta Vt OtherRecipientInfo .
140	.Dv CMS_RECIPINFO_PASS ,	142	.El
141	or
142	.Dv CMS_RECIPINFO_OTHER .
143	.Pp	143	.Pp
144	.Fn CMS_RecipientInfo_ktri_get0_signer_id	144	.Fn CMS_RecipientInfo_ktri_get0_signer_id
145	retrieves the certificate recipient identifier associated with a	145	retrieves the certificate
146	specific	146	.Vt RecipientIdentifier
147	.Vt CMS_RecipientInfo	147	associated with the
		148	.Vt KeyTransRecipientInfo
148	structure	149	structure
149	.Fa ri ,	150	.Fa ri .
150	which must be of type	151	Either the
151	.Dv CMS_RECIPINFO_TRANS .	152	.Vt SubjectKeyIdentifier
152	Either the keyidentifier will be set in	153	will be set in
153	.Fa keyid	154	.Fa keyid
154	or	155	or both issuer name and serial number in
155	.Em both
156	issuer name and serial number in
157	.Fa issuer	156	.Fa issuer
158	and	157	and
159	.Fa sno .	158	.Fa sno .
160	.Pp	159	.Pp
161	.Fn CMS_RecipientInfo_ktri_cert_cmp	160	.Fn CMS_RecipientInfo_ktri_cert_cmp
162	compares the certificate	161	compares the
163	.Fa cert	162	.Fa certificate
164	against the	163	against the
165	.Vt CMS_RecipientInfo	164	.Vt KeyTransRecipientInfo
166	structure	165	structure
167	.Fa ri ,	166	.Fa ri .
168	which must be of type
169	.Dv CMS_RECIPINFO_TRANS .
170	It returns zero if the comparison is successful or non-zero if not.
171	.Pp	167	.Pp
172	.Fn CMS_RecipientInfo_set0_pkey	168	.Fn CMS_RecipientInfo_set0_pkey
173	associates the private key	169	associates the private key
174	.Fa pkey	170	.Fa pkey
175	with the	171	with the
176	.Vt CMS_RecipientInfo	172	.Vt KeyTransRecipientInfo
177	structure	173	structure
178	.Fa ri ,	174	.Fa ri .
179	which must be of type
180	.Dv CMS_RECIPINFO_TRANS .
181	.Pp	175	.Pp
182	.Fn CMS_RecipientInfo_kekri_get0_id	176	.Fn CMS_RecipientInfo_kekri_get0_id
183	retrieves the key information from the	177	retrieves the key information from the
184	.Vt CMS_RecipientInfo	178	.Vt KEKRecipientInfo
185	structure	179	structure
186	.Fa ri	180	.Fa ri .
187	which must be of type	181	Fields are copied out as follows:
188	.Dv CMS_RECIPINFO_KEK .	182	.Bl -column keyEncryptionAlgorithm to -compact
189	Any of the remaining parameters can be	183	.It Fa keyEncryptionAlgorithm Ta to Ta Pf * Fa palg ,
190	.Dv NULL	184	.It Fa keyIdentifier Ta to Ta Pf * Fa pid ,
191	if the application is not interested in the value of a field.	185	.It Fa date Ta to Ta Pf * Fa pdate Pq optional ,
		186	.It Fa other.keyAttrId Ta to Ta Pf * Fa potherid Pq optional ,
		187	.It Fa other.keyAttr Ta to Ta Pf * Fa pothertype Pq optional .
		188	.El
192	Where a field is optional and absent,	189	Where a field is optional and absent,
193	.Dv NULL	190	.Dv NULL
194	will be written to the corresponding parameter.	191	is written to the corresponding parameter.
195	The keyEncryptionAlgorithm field is written to	192	Parameters the application is not interested in can be set to
196	.Fa palg ,	193	.Dv NULL .
197	the keyIdentifier field is written to
198	.Fa pid ,
199	the
200	.Sy date
201	field if present is written to
202	.Fa pdate .
203	If the
204	.Sy other
205	field is present the components
206	.Sy keyAttrId
207	and
208	.Sy keyAttr
209	are written to the parameters
210	.Fa potherid
211	and
212	.Fa pothertype .
213	.Pp	194	.Pp
214	.Fn CMS_RecipientInfo_kekri_id_cmp	195	.Fn CMS_RecipientInfo_kekri_id_cmp
215	compares the ID in the	196	compares the identifier in the
216	.Fa id	197	.Fa id
217	and	198	and
218	.Fa idlen	199	.Fa idlen
219	parameters against the keyIdentifier	200	parameters against the
220	.Vt CMS_RecipientInfo	201	.Fa keyIdentifier
		202	field of the
		203	.Vt KEKRecipientInfo
221	structure	204	structure
222	.Fa ri ,	205	.Fa ri .
223	which must be of type
224	.Dv CMS_RECIPINFO_KEK .
225	It returns zero if the comparison is successful or non-zero if not.
226	.Pp	206	.Pp
227	.Fn CMS_RecipientInfo_set0_key	207	.Fn CMS_RecipientInfo_set0_key
228	associates the symmetric key	208	associates the symmetric
229	.Fa key	209	.Fa key
230	of length	210	of length
231	.Fa keylen	211	.Fa keylen
232	with the	212	with the
233	.Vt CMS_RecipientInfo	213	.Vt KEKRecipientInfo
234	structure	214	structure
235	.Fa ri ,	215	.Fa ri .
236	which must be of type
237	.Dv CMS_RECIPINFO_KEK .
238	.Pp	216	.Pp
239	.Fn CMS_RecipientInfo_decrypt	217	.Fn CMS_RecipientInfo_decrypt
240	attempts to decrypt the	218	attempts to decrypt the
241	.Vt CMS_RecipientInfo	219	.Vt RecipientInfo
242	structure	220	structure
243	.Fa ri	221	.Fa ri
244	in structure	222	in
245	.Fa cms .	223	.Fa cms .
246	A key must have been associated with the structure first.	224	A key must have been associated with
		225	.Fa ri
		226	first.
247	.Pp	227	.Pp
248	.Fn CMS_RecipientInfo_encrypt	228	.Fn CMS_RecipientInfo_encrypt
249	attempts to encrypt the	229	attempts to encrypt the
250	.Vt CMS_RecipientInfo	230	.Vt RecipientInfo
251	structure	231	structure
252	.Fa ri	232	.Fa ri
253	in structure	233	in
254	.Fa cms .	234	.Fa cms .
255	A key must have been associated with the structure first and the content	235	A key must have been associated with
256	encryption key must be available: for example by a previous call to	236	.Fa ri
		237	first and the content encryption key must be available,
		238	for example by a previous call to
257	.Fn CMS_RecipientInfo_decrypt .	239	.Fn CMS_RecipientInfo_decrypt .
258	.Pp	240	.Pp
259	The main purpose of these functions is to enable an application to	241	The main purpose of these functions is to enable an application to
@@ -262,11 +244,11 @@ method of
262	.Xr CMS_decrypt 3	244	.Xr CMS_decrypt 3
263	is not appropriate.	245	is not appropriate.
264	.Pp	246	.Pp
265	In typical usage, an application will retrieve all	247	In typical usage, an application retrieves all
266	.Vt CMS_RecipientInfo	248	.Vt CMS_RecipientInfo
267	structures using	249	structures using
268	.Fn CMS_get0_RecipientInfos	250	.Fn CMS_get0_RecipientInfos
269	and check the type of each using	251	and checks the type of each using
270	.Fn CMS_RecipientInfo_type .	252	.Fn CMS_RecipientInfo_type .
271	Depending on the type, the	253	Depending on the type, the
272	.Vt CMS_RecipientInfo	254	.Vt CMS_RecipientInfo
@@ -289,18 +271,21 @@ structure.
289	Typically an application will first decrypt an appropriate	271	Typically an application will first decrypt an appropriate
290	.Vt CMS_RecipientInfo	272	.Vt CMS_RecipientInfo
291	structure to make the content encrypt key available.	273	structure to make the content encrypt key available.
292	Ot will then add a new recipient using a function such as	274	It will then add a new recipient using a function such as
293	.Xr CMS_add1_recipient_cert 3	275	.Xr CMS_add1_recipient_cert 3
294	and finally encrypt the content encryption key using	276	and finally encrypt the content encryption key using
295	.Fn CMS_RecipientInfo_encrypt .	277	.Fn CMS_RecipientInfo_encrypt .
296	.Sh RETURN VALUES	278	.Sh RETURN VALUES
297	.Fn CMS_get0_RecipientInfos	279	.Fn CMS_get0_RecipientInfos
298	returns all	280	returns an internal pointer to all the
299	.Vt CMS_RecipientInfo	281	.Vt CMS_RecipientInfo
300	structures, or	282	structures, or
301	.Dv NULL	283	.Dv NULL
302	if an error occurs.	284	if an error occurs.
303	.Pp	285	.Pp
		286	.Fn CMS_RecipientInfo_type
		287	returns an integer constant.
		288	.Pp
304	.Fn CMS_RecipientInfo_ktri_get0_signer_id ,	289	.Fn CMS_RecipientInfo_ktri_get0_signer_id ,
305	.Fn CMS_RecipientInfo_set0_pkey ,	290	.Fn CMS_RecipientInfo_set0_pkey ,
306	.Fn CMS_RecipientInfo_kekri_get0_id ,	291	.Fn CMS_RecipientInfo_kekri_get0_id ,
@@ -313,12 +298,26 @@ return 1 for success or 0 if an error occurs.
313	.Fn CMS_RecipientInfo_ktri_cert_cmp	298	.Fn CMS_RecipientInfo_ktri_cert_cmp
314	and	299	and
315	.Fn CMS_RecipientInfo_kekri_id_cmp	300	.Fn CMS_RecipientInfo_kekri_id_cmp
316	return 0 for a successful comparison or non-zero otherwise.	301	return 0 when
		302	.Fa ri
		303	matches or non-zero otherwise.
317	.Pp	304	.Pp
318	Any error can be obtained from	305	Any error can be obtained from
319	.Xr ERR_get_error 3 .	306	.Xr ERR_get_error 3 .
320	.Sh SEE ALSO	307	.Sh SEE ALSO
321	.Xr CMS_decrypt 3	308	.Xr CMS_decrypt 3
		309	.Sh STANDARDS
		310	RFC 5652 Cryptographic Message Syntax (CMS):
		311	.Bl -dash -compact -offset indent
		312	.It
		313	section 6.1: EnvelopedData Type
		314	.It
		315	section 6.2: RecipientInfo Type
		316	.It
		317	section 6.2.1: KeyTransRecipientInfo Type
		318	.It
		319	section 6.2.3: KEKRecipientInfo Type
		320	.El
322	.Sh HISTORY	321	.Sh HISTORY
323	These functions first appeared in OpenSSL 0.9.8h,	322	These functions first appeared in OpenSSL 0.9.8h,
324	except that	323	except that