CMS_ADD0_CERT(3) | Library Functions Manual | CMS_ADD0_CERT(3) |
NAME¶
CMS_add0_cert
,
CMS_add1_cert
,
CMS_get1_certs
,
CMS_add0_crl
, CMS_add1_crl
,
CMS_get1_crls
— CMS
certificate and CRL utility functions
SYNOPSIS¶
#include
<openssl/cms.h>
int
CMS_add0_cert
(CMS_ContentInfo
*cms, X509 *certificate);
int
CMS_add1_cert
(CMS_ContentInfo
*cms, X509 *certificate);
STACK_OF(X509) *
CMS_get1_certs
(CMS_ContentInfo
*cms);
int
CMS_add0_crl
(CMS_ContentInfo
*cms, X509_CRL *crl);
int
CMS_add1_crl
(CMS_ContentInfo
*cms, X509_CRL *crl);
STACK_OF(X509_CRL) *
CMS_get1_crls
(CMS_ContentInfo
*cms);
DESCRIPTION¶
CMS_add0_cert
()
adds the certificate to the
certificates field of cms if it
is of the type SignedData or to the
originatorInfo.certs field if it is of the type
EnvelopedData.
CMS_add1_cert
()
does the same and also increments the reference count of the
certificate with X509_up_ref(3) in
case of success.
CMS_get1_certs
()
returns all certificates in cms.
CMS_add0_crl
()
adds the crl to the crls field
of cms if it is of the type
SignedData or to the
originatorInfo.crls field if it is of the type
EnvelopedData.
CMS_add1_crl
()
does the same and also increments the reference count of the
crl with X509_CRL_up_ref(3) in case
of success.
CMS_get1_crls
()
returns any CRLs in cms.
An error occurs if cms is of any type other than SignedData or EnvelopedData.
The same certificate or crl must not be added to the same cms structure more than once.
RETURN VALUES¶
CMS_add0_cert
(),
CMS_add1_cert
(),
CMS_add0_crl
(), and
CMS_add1_crl
() return 1 for success or 0 for
failure.
CMS_get1_certs
() and
CMS_get1_crls
() return the STACK of certificates or
CRLs or NULL
if there are none or an error occurs.
Possible errors are that the cms type is invalid or
memory allocation failure. Not all errors result in an error on the error
stack. The returned stack must be freed using the appropriate macro wrapper
of sk_pop_free(3), namely
sk_X509_pop_free()
or
sk_X509_CRL_pop_free()
.
SEE ALSO¶
CMS_ContentInfo_new(3), CMS_encrypt(3), CMS_final(3), CMS_sign(3), ERR_get_error(3)
STANDARDS¶
RFC 5652: Cryptographic Message Syntax
- section 5.1: SignedData Type
- section 6.1: EnvelopedData Type
HISTORY¶
CMS_add0_cert
(),
CMS_add1_cert
(),
CMS_get1_certs
(),
CMS_add0_crl
(), and
CMS_get1_crls
() first appeared in OpenSSL 0.9.8h and
CMS_add1_crl
() in OpenSSL 1.0.0. These functions
have been available since OpenBSD 6.7.
November 30, 2024 | Linux 6.4.0-150700.53.19-default |