1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
.Dd $Mdocdate: November 11 2015 $
.Dt CMS_ADD0_CERT 3
.Os
.Sh NAME
.Nm CMS_add0_cert ,
.Nm CMS_add1_cert ,
.Nm CMS_get1_certs ,
.Nm CMS_add0_crl ,
.Nm CMS_add1_crl ,
.Nm CMS_get1_crls
.Nd CMS certificate and CRL utility functions
.Sh SYNOPSIS
.In openssl/cms.h
.Ft int
.Fo CMS_add0_cert
.Fa "CMS_ContentInfo *cms"
.Fa "X509 *cert"
.Fc
.Ft int
.Fo CMS_add1_cert
.Fa "CMS_ContentInfo *cms"
.Fa "X509 *cert"
.Fc
.Ft STACK_OF(X509) *
.Fo CMS_get1_certs
.Fa "CMS_ContentInfo *cms"
.Fc
.Ft int
.Fo CMS_add0_crl
.Fa "CMS_ContentInfo *cms"
.Fa "X509_CRL *crl"
.Fc
.Ft int
.Fo CMS_add1_crl
.Fa "CMS_ContentInfo *cms"
.Fa "X509_CRL *crl"
.Fc
.Ft STACK_OF(X509_CRL) *
.Fo CMS_get1_crls
.Fa "CMS_ContentInfo *cms"
.Fc
.Sh DESCRIPTION
.Fn CMS_add0_cert
and
.Fn CMS_add1_cert
add certificate
.Fa cert
to
.Fa cms .
.Fa cms
must be of type signed data or enveloped data.
.Pp
.Fn CMS_get1_certs
returns all certificates in
.Fa cms .
.Pp
.Fn CMS_add0_crl
and
.Fn CMS_add1_crl
add CRL
.Fa crl
to
.Fa cms .
.Fn CMS_get1_crls
returns any CRLs in
.Fa cms .
.Sh NOTES
The
.Vt CMS_ContentInfo
structure
.Fa cms
must be of type signed data or enveloped data or an error will be
returned.
.Pp
For signed data, certificates and CRLs are added to the
.Fa certificates
and
.Fa crls
fields of the SignedData structure.
For enveloped data, they are added to
.Fa OriginatorInfo .
.Pp
As the
.Sq 0
implies,
.Fn CMS_add0_cert
adds
.Fa cert
internally to
.Fa cms
and it must not be freed up after the call, as opposed to
.Fn CMS_add1_cert
where
.Fa cert
must be freed up.
.Pp
The same certificate or CRL must not be added to the same cms structure
more than once.
.Sh RETURN VALUES
.Fn CMS_add0_cert ,
.Fn CMS_add1_cert ,
.Fn CMS_add0_crl ,
and
.Fn CMS_add1_crl
return 1 for success and 0 for failure.
.Pp
.Fn CMS_get1_certs
and
.Fn CMS_get1_crls
return the STACK of certificates or CRLs or
.Dv NULL
if there are none or an error occurs.
The only error which will occur in practice is if the
.Fa cms
type is invalid.
.Sh SEE ALSO
.Xr CMS_encrypt 3 ,
.Xr CMS_sign 3 ,
.Xr ERR_get_error 3
.Sh HISTORY
.Fn CMS_add0_cert ,
.Fn CMS_add1_cert ,
.Fn CMS_get1_certs ,
.Fn CMS_add0_crl
and
.Fn CMS_get1_crls
were all first added to OpenSSL 0.9.8.
|
