summaryrefslogtreecommitdiff
path: root/lib/libcrypto/doc/SMIME_write_PKCS7.pod
blob: 2cfad2e04976417ea42ae3ea310a34aa97ed3a46 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
=pod

=head1 NAME

SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format.

=head1 SYNOPSIS

int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);

=head1 DESCRIPTION

SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
structure to produce an S/MIME message.

B<out> is the BIO to write the data to. B<p7> is the appropriate
B<PKCS7> structure. If cleartext signing (B<multipart/signed>) is
being used then the signed data must be supplied in the B<data> 
argument. B<flags> is an optional set of flags.

=head1 NOTES

The following flags can be passed in the B<flags> parameter.

If B<PKCS7_DETACHED> is set then cleartext signing will be used,
this option only makes sense for signedData where B<PKCS7_DETACHED>
is also set when PKCS7_sign() is also called.

If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain>
are added to the content, this only makes sense if B<PKCS7_DETACHED>
is also set.

If cleartext signing is being used then the data must be read twice:
once to compute the signature in PKCS7_sign() and once to output the
S/MIME message.

=head1 BUGS

SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
should be an option to disable this.

There should really be a way to produce cleartext signing using only
a single pass of the data.

=head1 RETURN VALUES

SMIME_write_PKCS7() returns 1 for success or 0 for failure.

=head1 SEE ALSO

L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>

=head1 HISTORY

SMIME_write_PKCS7() was added to OpenSSL 0.9.5

=cut