diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2013-02-26 17:48:49 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-26 17:59:56 +0100 |
| commit | e1f1d28f34cc5cfc87772e0d8331e00137a4a213 (patch) | |
| tree | b6dc0ce20450a1036649c8cd726b75cc92c9591c /doc | |
| parent | Fix error codes. (diff) | |
| download | openssl-e1f1d28f34cc5cfc87772e0d8331e00137a4a213.tar.xz openssl-e1f1d28f34cc5cfc87772e0d8331e00137a4a213.zip | |
Add function CMS_RecipientInfo_encrypt
Add CMS_RecipientInfo_encrypt: this function encrypts an existing content
encryption key to match the key in the RecipientInfo structure: this is
useful if a new recpient is added to and existing enveloped data structure.
Add documentation.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/crypto/CMS_get0_RecipientInfos.pod | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/crypto/CMS_get0_RecipientInfos.pod b/doc/crypto/CMS_get0_RecipientInfos.pod index e0355423e6..fa6bb169d1 100644 --- a/doc/crypto/CMS_get0_RecipientInfos.pod +++ b/doc/crypto/CMS_get0_RecipientInfos.pod @@ -20,6 +20,7 @@ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, size_t keylen); int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); + int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); =head1 DESCRIPTION @@ -66,6 +67,11 @@ CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure B<ri> in structure B<cms>. A key must have been associated with the structure first. +CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure +B<ri> in structure B<cms>. A key must have been associated with the structure +first and the content encryption key must be available: for example by a +previous call to CMS_RecipientInfo_decrypt(). + =head1 NOTES The main purpose of these functions is to enable an application to lookup @@ -81,6 +87,13 @@ any appropriate means it can then associated with the structure and CMS_RecpientInfo_decrypt() called. If successful CMS_decrypt() can be called with a NULL key to decrypt the enveloped content. +The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an +existing enveloped data structure. Typically an application will first decrypt +an appropriate CMS_RecipientInfo structure to make the content encrypt key +available, it will then add a new recipient using a function such as +CMS_add1_recipient_cert() and finally encrypt the content encryption key +using CMS_RecipientInfo_encrypt(). + =head1 RETURN VALUES CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if @@ -89,6 +102,7 @@ an error occurs. CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(), CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs. +CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs. CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0 for a successful comparison and non zero otherwise. |