| yuezonghe | 824eb0c | 2024-06-27 02:32:26 -0700 | [diff] [blame^] | 1 | =pod |
| 2 | |
| 3 | =head1 NAME |
| 4 | |
| 5 | PKCS7_sign - create a PKCS#7 signedData structure |
| 6 | |
| 7 | =head1 SYNOPSIS |
| 8 | |
| 9 | #include <openssl/pkcs7.h> |
| 10 | |
| 11 | PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, |
| 12 | BIO *data, int flags); |
| 13 | |
| 14 | =head1 DESCRIPTION |
| 15 | |
| 16 | PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is |
| 17 | the certificate to sign with, B<pkey> is the corresponding private key. |
| 18 | B<certs> is an optional additional set of certificates to include in the PKCS#7 |
| 19 | structure (for example any intermediate CAs in the chain). |
| 20 | |
| 21 | The data to be signed is read from BIO B<data>. |
| 22 | |
| 23 | B<flags> is an optional set of flags. |
| 24 | |
| 25 | =head1 NOTES |
| 26 | |
| 27 | Any of the following flags (ored together) can be passed in the B<flags> |
| 28 | parameter. |
| 29 | |
| 30 | Many S/MIME clients expect the signed content to include valid MIME headers. If |
| 31 | the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended |
| 32 | to the data. |
| 33 | |
| 34 | If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the |
| 35 | PKCS7 structure, the signer's certificate must still be supplied in the |
| 36 | B<signcert> parameter though. This can reduce the size of the signature if the |
| 37 | signers certificate can be obtained by other means: for example a previously |
| 38 | signed message. |
| 39 | |
| 40 | The data being signed is included in the PKCS7 structure, unless |
| 41 | B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7 |
| 42 | detached signatures which are used in S/MIME plaintext signed messages for |
| 43 | example. |
| 44 | |
| 45 | Normally the supplied content is translated into MIME canonical format (as |
| 46 | required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation |
| 47 | occurs. This option should be used if the supplied data is in binary format |
| 48 | otherwise the translation will corrupt it. |
| 49 | |
| 50 | The signedData structure includes several PKCS#7 authenticatedAttributes |
| 51 | including the signing time, the PKCS#7 content type and the supported list of |
| 52 | ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no |
| 53 | authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just |
| 54 | the SMIMECapabilities are omitted. |
| 55 | |
| 56 | If present the SMIMECapabilities attribute indicates support for the following |
| 57 | algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of |
| 58 | these algorithms is disabled then it will not be included. |
| 59 | |
| 60 | If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is |
| 61 | just initialized ready to perform the signing operation. The signing is however |
| 62 | B<not> performed and the data to be signed is not read from the B<data> |
| 63 | parameter. Signing is deferred until after the data has been written. In this |
| 64 | way data can be signed in a single pass. |
| 65 | |
| 66 | If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to |
| 67 | which additional signers and capabilities can be added before finalization. |
| 68 | |
| 69 | =head1 NOTES |
| 70 | |
| 71 | If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not> |
| 72 | complete and outputting its contents via a function that does not properly |
| 73 | finalize the B<PKCS7> structure will give unpredictable results. |
| 74 | |
| 75 | Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(), |
| 76 | PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization |
| 77 | can be performed by obtaining the streaming ASN1 B<BIO> directly using |
| 78 | BIO_new_PKCS7(). |
| 79 | |
| 80 | If a signer is specified it will use the default digest for the signing |
| 81 | algorithm. This is B<SHA1> for both RSA and DSA keys. |
| 82 | |
| 83 | The B<certs>, B<signcert> and B<pkey> parameters can all be |
| 84 | B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added |
| 85 | using the function PKCS7_sign_add_signer(). PKCS7_final() must also be |
| 86 | called to finalize the structure if streaming is not enabled. Alternative |
| 87 | signing digests can also be specified using this method. |
| 88 | |
| 89 | If B<signcert> and B<pkey> are NULL then a certificates only |
| 90 | PKCS#7 structure is output. |
| 91 | |
| 92 | In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must |
| 93 | B<NOT> be NULL. |
| 94 | |
| 95 | =head1 BUGS |
| 96 | |
| 97 | Some advanced attributes such as counter signatures are not supported. |
| 98 | |
| 99 | =head1 RETURN VALUES |
| 100 | |
| 101 | PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error |
| 102 | occurred. The error can be obtained from ERR_get_error(3). |
| 103 | |
| 104 | =head1 SEE ALSO |
| 105 | |
| 106 | L<ERR_get_error(3)>, L<PKCS7_verify(3)> |
| 107 | |
| 108 | =head1 HISTORY |
| 109 | |
| 110 | The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>, |
| 111 | and B<pkey> parameters to be B<NULL> were added in OpenSSL 1.0.0. |
| 112 | |
| 113 | The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0. |
| 114 | |
| 115 | =head1 COPYRIGHT |
| 116 | |
| 117 | Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. |
| 118 | |
| 119 | Licensed under the OpenSSL license (the "License"). You may not use |
| 120 | this file except in compliance with the License. You can obtain a copy |
| 121 | in the file LICENSE in the source distribution or at |
| 122 | L<https://www.openssl.org/source/license.html>. |
| 123 | |
| 124 | =cut |