diff options
Diffstat (limited to 'src/lib/libcrypto/man/CMS_sign.3')
-rw-r--r-- | src/lib/libcrypto/man/CMS_sign.3 | 49 |
1 files changed, 33 insertions, 16 deletions
diff --git a/src/lib/libcrypto/man/CMS_sign.3 b/src/lib/libcrypto/man/CMS_sign.3 index 1ef0f2d48a..1dfd153ee2 100644 --- a/src/lib/libcrypto/man/CMS_sign.3 +++ b/src/lib/libcrypto/man/CMS_sign.3 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: CMS_sign.3,v 1.5 2019/08/12 16:17:50 schwarze Exp $ | 1 | .\" $OpenBSD: CMS_sign.3,v 1.6 2019/08/18 12:06:51 schwarze Exp $ |
2 | .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 | 2 | .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 |
3 | .\" | 3 | .\" |
4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. | 4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. |
@@ -48,7 +48,7 @@ | |||
48 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 48 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
49 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 49 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
50 | .\" | 50 | .\" |
51 | .Dd $Mdocdate: August 12 2019 $ | 51 | .Dd $Mdocdate: August 18 2019 $ |
52 | .Dt CMS_SIGN 3 | 52 | .Dt CMS_SIGN 3 |
53 | .Os | 53 | .Os |
54 | .Sh NAME | 54 | .Sh NAME |
@@ -66,7 +66,9 @@ | |||
66 | .Fc | 66 | .Fc |
67 | .Sh DESCRIPTION | 67 | .Sh DESCRIPTION |
68 | .Fn CMS_sign | 68 | .Fn CMS_sign |
69 | creates and returns a CMS SignedData structure. | 69 | creates and returns a CMS |
70 | .Vt SignedData | ||
71 | structure. | ||
70 | .Fa signcert | 72 | .Fa signcert |
71 | is the certificate to sign with, | 73 | is the certificate to sign with, |
72 | .Fa pkey | 74 | .Fa pkey |
@@ -80,12 +82,9 @@ Any or all of these parameters can be | |||
80 | The data to be signed is read from | 82 | The data to be signed is read from |
81 | .Fa data . | 83 | .Fa data . |
82 | .Pp | 84 | .Pp |
83 | .Fa flags | ||
84 | is an optional set of flags. | ||
85 | .Pp | ||
86 | Any of the following flags (OR'ed together) can be passed in the | 85 | Any of the following flags (OR'ed together) can be passed in the |
87 | .Fa flags | 86 | .Fa flags |
88 | parameter: | 87 | argument: |
89 | .Bl -tag -width Ds | 88 | .Bl -tag -width Ds |
90 | .It Dv CMS_TEXT | 89 | .It Dv CMS_TEXT |
91 | Prepend MIME headers for the type text/plain to the data. | 90 | Prepend MIME headers for the type text/plain to the data. |
@@ -98,8 +97,8 @@ structure. | |||
98 | The signer's certificate must still be supplied in the | 97 | The signer's certificate must still be supplied in the |
99 | .Fa signcert | 98 | .Fa signcert |
100 | parameter though. | 99 | parameter though. |
101 | This can reduce the size of the signature if the signers certificate can | 100 | This can reduce the size of the signature if the signer's certificate can |
102 | be obtained by other means: for example a previously signed message. | 101 | be obtained by other means, for example from a previously signed message. |
103 | .It Dv CMS_DETACHED | 102 | .It Dv CMS_DETACHED |
104 | Omit the data being signed from the | 103 | Omit the data being signed from the |
105 | .Vt CMS_ContentInfo | 104 | .Vt CMS_ContentInfo |
@@ -114,19 +113,25 @@ even though that is required by the S/MIME specifications. | |||
114 | This option should be used if the supplied data is in binary format. | 113 | This option should be used if the supplied data is in binary format. |
115 | Otherwise the translation will corrupt it. | 114 | Otherwise the translation will corrupt it. |
116 | .It Dv CMS_NOATTR | 115 | .It Dv CMS_NOATTR |
117 | Do not use any signedAttributes. | 116 | Do not add any |
118 | By default, the SignedData structure includes several CMS | 117 | .Vt SignedAttributes . |
119 | signedAttributes including the signing time, the CMS content type, | 118 | By default, the |
120 | and the supported list of ciphers in an SMIMECapabilities attribute. | 119 | .Fa signerInfos |
120 | field includes several CMS | ||
121 | .Vt SignedAttributes | ||
122 | including the signing time, the CMS content type, | ||
123 | and the supported list of ciphers in an | ||
124 | .Vt SMIMECapabilities | ||
125 | attribute. | ||
121 | .It Dv CMS_NOSMIMECAP | 126 | .It Dv CMS_NOSMIMECAP |
122 | Omit just the SMIMECapabilities. | 127 | Omit just the |
128 | .Vt SMIMECapabilities . | ||
123 | If present, the SMIMECapabilities attribute indicates support for the | 129 | If present, the SMIMECapabilities attribute indicates support for the |
124 | following algorithms in preference order: 256 bit AES, Gost R3411-94, | 130 | following algorithms in preference order: 256 bit AES, Gost R3411-94, |
125 | Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit | 131 | Gost 28147-89, 192 bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit |
126 | RC2, DES and 40 bit RC2. | 132 | RC2, DES and 40 bit RC2. |
127 | If any of these algorithms is not available, then it will not be | 133 | If any of these algorithms is not available, then it will not be |
128 | included: for example the GOST algorithms will not be included if | 134 | included. |
129 | the GOST ENGINE is not loaded. | ||
130 | .It Dv CMS_USE_KEYID | 135 | .It Dv CMS_USE_KEYID |
131 | Use the subject key identifier value to identify signing certificates. | 136 | Use the subject key identifier value to identify signing certificates. |
132 | An error occurs if the signing certificate does not have a subject key | 137 | An error occurs if the signing certificate does not have a subject key |
@@ -212,6 +217,18 @@ The error can be obtained from | |||
212 | .Xr ERR_get_error 3 . | 217 | .Xr ERR_get_error 3 . |
213 | .Sh SEE ALSO | 218 | .Sh SEE ALSO |
214 | .Xr CMS_verify 3 | 219 | .Xr CMS_verify 3 |
220 | .Sh STANDARDS | ||
221 | RFC 5652: Cryptographic Message Syntax (CMS) | ||
222 | .Bl -dash -compact -offset indent | ||
223 | .It | ||
224 | section 5.1: SignedData Type | ||
225 | .It | ||
226 | section 5.3: SignerInfo Type | ||
227 | .El | ||
228 | .Pp | ||
229 | RFC 8551: Secure/Multipurpose Internet Mail Extensions (S/MIME) | ||
230 | Version\ 4.0 Message Specification, | ||
231 | section 2.5.2: SMIMECapabilities Attribute | ||
215 | .Sh HISTORY | 232 | .Sh HISTORY |
216 | .Fn CMS_sign | 233 | .Fn CMS_sign |
217 | first appeared in OpenSSL 0.9.8h | 234 | first appeared in OpenSSL 0.9.8h |