1CMS_ADD1_RECIPIENT_CERT(3) OpenSSL CMS_ADD1_RECIPIENT_CERT(3)
2
3
4
6 CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a
7 CMS enveloped data structure
8
10 #include <openssl/cms.h>
11
12 CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
13 X509 *recip, unsigned int flags);
14
15 CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
16 unsigned char *key, size_t keylen,
17 unsigned char *id, size_t idlen,
18 ASN1_GENERALIZEDTIME *date,
19 ASN1_OBJECT *otherTypeId,
20 ASN1_TYPE *otherType);
21
23 CMS_add1_recipient_cert() adds recipient recip to CMS_ContentInfo
24 enveloped data structure cms as a KeyTransRecipientInfo structure.
25
26 CMS_add0_recipient_key() adds symmetric key key of length keylen using
27 wrapping algorithm nid, identifier id of length idlen and optional
28 values date, otherTypeId and otherType to CMS_ContentInfo enveloped
29 data structure cms as a KEKRecipientInfo structure.
30
31 The CMS_ContentInfo structure should be obtained from an initial call
32 to CMS_encrypt() with the flag CMS_PARTIAL set.
33
35 The main purpose of this function is to provide finer control over a
36 CMS enveloped data structure where the simpler CMS_encrypt() function
37 defaults are not appropriate. For example if one or more
38 KEKRecipientInfo structures need to be added. New attributes can also
39 be added using the returned CMS_RecipientInfo structure and the CMS
40 attribute utility functions.
41
42 OpenSSL will by default identify recipient certificates using issuer
43 name and serial number. If CMS_USE_KEYID is set it will use the subject
44 key identifier value instead. An error occurs if all recipient
45 certificates do not have a subject key identifier extension.
46
47 Currently only AES based key wrapping algorithms are supported for nid,
48 specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and
49 NID_id_aes256_wrap. If nid is set to NID_undef then an AES wrap
50 algorithm will be used consistent with keylen.
51
53 CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an
54 internal pointer to the CMS_RecipientInfo structure just added or NULL
55 if an error occurs.
56
58 ERR_get_error(3), CMS_decrypt(3), CMS_final(3),
59
61 Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
62
63 Licensed under the OpenSSL license (the "License"). You may not use
64 this file except in compliance with the License. You can obtain a copy
65 in the file LICENSE in the source distribution or at
66 <https://www.openssl.org/source/license.html>.
67
68
69
701.1.1q 2023-02-06 CMS_ADD1_RECIPIENT_CERT(3)