1CMS_get0_RecipientInfos(3) OpenSSL CMS_get0_RecipientInfos(3)
2
6 CMS_get0_RecipientInfos, CMS_RecipientInfo_type,
7 CMS_RecipientInfo_ktri_get0_signer_id,CMS_RecipientInfo_ktri_cert_cmp,
8 CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id,
9 CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key,
10 CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS
11 envelopedData RecipientInfo routines
12
14 #include <openssl/cms.h>
15 STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
17 int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
18 int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
20 int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
21 int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
22 int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate, ASN1_OBJECT **potherid, ASN1_TYPE **pothertype);
24 int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id, size_t idlen);
25 int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, size_t keylen);
26 int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
28 int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
29
31 The function CMS_get0_RecipientInfos() returns all the
32 CMS_RecipientInfo structures associated with a CMS EnvelopedData
33 structure.
34 CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo
36 structure ri. It will currently return CMS_RECIPINFO_TRANS,
37 CMS_RECIPINFO_AGREE, CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or
38 CMS_RECIPINFO_OTHER.
39 CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate
41 recipient identifier associated with a specific CMS_RecipientInfo
42 structure ri, which must be of type CMS_RECIPINFO_TRANS. Either the
43 keyidentifier will be set in keyid or both issuer name and serial
44 number in issuer and sno.
45 CMS_RecipientInfo_ktri_cert_cmp() compares the certificate cert against
47 the CMS_RecipientInfo structure ri, which must be of type
48 CMS_RECIPINFO_TRANS. It returns zero if the comparison is successful
49 and non zero if not.
50 CMS_RecipientInfo_set0_pkey() associates the private key pkey with the
52 CMS_RecipientInfo structure ri, which must be of type
53 CMS_RECIPINFO_TRANS.
54 CMS_RecipientInfo_kekri_get0_id() retrieves the key information from
56 the CMS_RecipientInfo structure ri which must be of type
57 CMS_RECIPINFO_KEK. Any of the remaining parameters can be NULL if the
58 application is not interested in the value of a field. Where a field is
59 optional and absent NULL will be written to the corresponding
60 parameter. The keyEncryptionAlgorithm field is written to palg, the
61 keyIdentifier field is written to pid, the date field if present is
62 written to pdate, if the other field is present the components
63 keyAttrId and keyAttr are written to parameters potherid and
64 pothertype.
65 CMS_RecipientInfo_kekri_id_cmp() compares the ID in the id and idlen
67 parameters against the keyIdentifier CMS_RecipientInfo structure ri,
68 which must be of type CMS_RECIPINFO_KEK. It returns zero if the
69 comparison is successful and non zero if not.
70 CMS_RecipientInfo_set0_key() associates the symmetric key key of length
72 keylen with the CMS_RecipientInfo structure ri, which must be of type
73 CMS_RECIPINFO_KEK.
74 CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo
76 structure ri in structure cms. A key must have been associated with the
77 structure first.
78 CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo
80 structure ri in structure cms. A key must have been associated with the
81 structure first and the content encryption key must be available: for
82 example by a previous call to CMS_RecipientInfo_decrypt().
83
85 The main purpose of these functions is to enable an application to
86 lookup recipient keys using any appropriate technique when the simpler
87 method of CMS_decrypt() is not appropriate.
88 In typical usage and application will retrieve all CMS_RecipientInfo
90 structures using CMS_get0_RecipientInfos() and check the type of each
91 using CMS_RecpientInfo_type(). Depending on the type the
92 CMS_RecipientInfo structure can be ignored or its key identifier data
93 retrieved using an appropriate function. Then if the corresponding
94 secret or private key can be obtained by any appropriate means it can
95 then associated with the structure and CMS_RecpientInfo_decrypt()
96 called. If successful CMS_decrypt() can be called with a NULL key to
97 decrypt the enveloped content.
98 The CMS_RecipientInfo_encrypt() can be used to add a new recipient to
100 an existing enveloped data structure. Typically an application will
101 first decrypt an appropriate CMS_RecipientInfo structure to make the
102 content encrypt key available, it will then add a new recipient using a
103 function such as CMS_add1_recipient_cert() and finally encrypt the
104 content encryption key using CMS_RecipientInfo_encrypt().
105
107 CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or
108 NULL if an error occurs.
109 CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(),
111 CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and
112 CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error
113 occurs. CMS_RecipientInfo_encrypt() return 1 for success or 0 if an
114 error occurs.
115 CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp()
117 return 0 for a successful comparison and non zero otherwise.
118 Any error can be obtained from ERR_get_error(3).
120
122 ERR_get_error(3), CMS_decrypt(3)
123
125 These functions were first was added to OpenSSL 0.9.8
1261.0.2k 2017-01-26 CMS_get0_RecipientInfos(3)