xref: /openbsd-src/lib/libcrypto/man/CMS_add0_cert.3 (revision a976df8d813aefb47c9670f7a196552b79984a47) 
1*a976df8dStb.\" $OpenBSD: CMS_add0_cert.3,v 1.10 2024/11/30 21:21:40 tb Exp $
254c85986Sschwarze.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
354c85986Sschwarze.\"
4a7817ce3Sschwarze.\" This file is a derived work.
5a7817ce3Sschwarze.\" The changes are covered by the following Copyright and license:
6a7817ce3Sschwarze.\"
7a7817ce3Sschwarze.\" Copyright (c) 2019 Ingo Schwarze <schwarze@openbsd.org>
8a7817ce3Sschwarze.\"
9a7817ce3Sschwarze.\" Permission to use, copy, modify, and distribute this software for any
10a7817ce3Sschwarze.\" purpose with or without fee is hereby granted, provided that the above
11a7817ce3Sschwarze.\" copyright notice and this permission notice appear in all copies.
12a7817ce3Sschwarze.\"
13a7817ce3Sschwarze.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
14a7817ce3Sschwarze.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
15a7817ce3Sschwarze.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
16a7817ce3Sschwarze.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
17a7817ce3Sschwarze.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18a7817ce3Sschwarze.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19a7817ce3Sschwarze.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20a7817ce3Sschwarze.\"
21a7817ce3Sschwarze.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
2254c85986Sschwarze.\" Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
2354c85986Sschwarze.\"
2454c85986Sschwarze.\" Redistribution and use in source and binary forms, with or without
2554c85986Sschwarze.\" modification, are permitted provided that the following conditions
2654c85986Sschwarze.\" are met:
2754c85986Sschwarze.\"
2854c85986Sschwarze.\" 1. Redistributions of source code must retain the above copyright
2954c85986Sschwarze.\"    notice, this list of conditions and the following disclaimer.
3054c85986Sschwarze.\"
3154c85986Sschwarze.\" 2. Redistributions in binary form must reproduce the above copyright
3254c85986Sschwarze.\"    notice, this list of conditions and the following disclaimer in
3354c85986Sschwarze.\"    the documentation and/or other materials provided with the
3454c85986Sschwarze.\"    distribution.
3554c85986Sschwarze.\"
3654c85986Sschwarze.\" 3. All advertising materials mentioning features or use of this
3754c85986Sschwarze.\"    software must display the following acknowledgment:
3854c85986Sschwarze.\"    "This product includes software developed by the OpenSSL Project
3954c85986Sschwarze.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
4054c85986Sschwarze.\"
4154c85986Sschwarze.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
4254c85986Sschwarze.\"    endorse or promote products derived from this software without
4354c85986Sschwarze.\"    prior written permission. For written permission, please contact
4454c85986Sschwarze.\"    openssl-core@openssl.org.
4554c85986Sschwarze.\"
4654c85986Sschwarze.\" 5. Products derived from this software may not be called "OpenSSL"
4754c85986Sschwarze.\"    nor may "OpenSSL" appear in their names without prior written
4854c85986Sschwarze.\"    permission of the OpenSSL Project.
4954c85986Sschwarze.\"
5054c85986Sschwarze.\" 6. Redistributions of any form whatsoever must retain the following
5154c85986Sschwarze.\"    acknowledgment:
5254c85986Sschwarze.\"    "This product includes software developed by the OpenSSL Project
5354c85986Sschwarze.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
5454c85986Sschwarze.\"
5554c85986Sschwarze.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
5654c85986Sschwarze.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
5754c85986Sschwarze.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
5854c85986Sschwarze.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
5954c85986Sschwarze.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
6054c85986Sschwarze.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
6154c85986Sschwarze.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
6254c85986Sschwarze.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
6354c85986Sschwarze.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
6454c85986Sschwarze.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
6554c85986Sschwarze.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
6654c85986Sschwarze.\" OF THE POSSIBILITY OF SUCH DAMAGE.
6754c85986Sschwarze.\"
685c792f2eStb.Dd $Mdocdate: November 30 2024 $
6954c85986Sschwarze.Dt CMS_ADD0_CERT 3
7054c85986Sschwarze.Os
7154c85986Sschwarze.Sh NAME
7254c85986Sschwarze.Nm CMS_add0_cert ,
7354c85986Sschwarze.Nm CMS_add1_cert ,
7454c85986Sschwarze.Nm CMS_get1_certs ,
7554c85986Sschwarze.Nm CMS_add0_crl ,
7654c85986Sschwarze.Nm CMS_add1_crl ,
7754c85986Sschwarze.Nm CMS_get1_crls
7854c85986Sschwarze.Nd CMS certificate and CRL utility functions
7954c85986Sschwarze.Sh SYNOPSIS
8054c85986Sschwarze.In openssl/cms.h
8154c85986Sschwarze.Ft int
8254c85986Sschwarze.Fo CMS_add0_cert
8354c85986Sschwarze.Fa "CMS_ContentInfo *cms"
84a7817ce3Sschwarze.Fa "X509 *certificate"
8554c85986Sschwarze.Fc
8654c85986Sschwarze.Ft int
8754c85986Sschwarze.Fo CMS_add1_cert
8854c85986Sschwarze.Fa "CMS_ContentInfo *cms"
89a7817ce3Sschwarze.Fa "X509 *certificate"
9054c85986Sschwarze.Fc
9154c85986Sschwarze.Ft STACK_OF(X509) *
9254c85986Sschwarze.Fo CMS_get1_certs
9354c85986Sschwarze.Fa "CMS_ContentInfo *cms"
9454c85986Sschwarze.Fc
9554c85986Sschwarze.Ft int
9654c85986Sschwarze.Fo CMS_add0_crl
9754c85986Sschwarze.Fa "CMS_ContentInfo *cms"
9854c85986Sschwarze.Fa "X509_CRL *crl"
9954c85986Sschwarze.Fc
10054c85986Sschwarze.Ft int
10154c85986Sschwarze.Fo CMS_add1_crl
10254c85986Sschwarze.Fa "CMS_ContentInfo *cms"
10354c85986Sschwarze.Fa "X509_CRL *crl"
10454c85986Sschwarze.Fc
10554c85986Sschwarze.Ft STACK_OF(X509_CRL) *
10654c85986Sschwarze.Fo CMS_get1_crls
10754c85986Sschwarze.Fa "CMS_ContentInfo *cms"
10854c85986Sschwarze.Fc
10954c85986Sschwarze.Sh DESCRIPTION
11054c85986Sschwarze.Fn CMS_add0_cert
111a7817ce3Sschwarzeadds the
112a7817ce3Sschwarze.Fa certificate
113a7817ce3Sschwarzeto the
114a7817ce3Sschwarze.Fa certificates
115a7817ce3Sschwarzefield of
11654c85986Sschwarze.Fa cms
117a7817ce3Sschwarzeif it is of the type
118a7817ce3Sschwarze.Vt SignedData
119a7817ce3Sschwarzeor to the
120a7817ce3Sschwarze.Fa originatorInfo.certs
121a7817ce3Sschwarzefield if it is of the type
122a7817ce3Sschwarze.Vt EnvelopedData .
123a7817ce3Sschwarze.Fn CMS_add1_cert
124a7817ce3Sschwarzedoes the same and also increments the reference count of the
125a7817ce3Sschwarze.Fa certificate
126a7817ce3Sschwarzewith
127a7817ce3Sschwarze.Xr X509_up_ref 3
128a7817ce3Sschwarzein case of success.
12954c85986Sschwarze.Pp
13054c85986Sschwarze.Fn CMS_get1_certs
13154c85986Sschwarzereturns all certificates in
13254c85986Sschwarze.Fa cms .
13354c85986Sschwarze.Pp
13454c85986Sschwarze.Fn CMS_add0_crl
135a7817ce3Sschwarzeadds the
13654c85986Sschwarze.Fa crl
137a7817ce3Sschwarzeto the
138a7817ce3Sschwarze.Fa crls
139a7817ce3Sschwarzefield of
140a7817ce3Sschwarze.Fa cms
141a7817ce3Sschwarzeif it is of the type
142a7817ce3Sschwarze.Vt SignedData
143a7817ce3Sschwarzeor to the
144a7817ce3Sschwarze.Fa originatorInfo.crls
145a7817ce3Sschwarzefield if it is of the type
146a7817ce3Sschwarze.Vt EnvelopedData .
147a7817ce3Sschwarze.Fn CMS_add1_crl
148a7817ce3Sschwarzedoes the same and also increments the reference count of the
149a7817ce3Sschwarze.Fa crl
150a7817ce3Sschwarzewith
151a7817ce3Sschwarze.Xr X509_CRL_up_ref 3
152a7817ce3Sschwarzein case of success.
153a7817ce3Sschwarze.Pp
15454c85986Sschwarze.Fn CMS_get1_crls
15554c85986Sschwarzereturns any CRLs in
15654c85986Sschwarze.Fa cms .
15754c85986Sschwarze.Pp
158a7817ce3SschwarzeAn error occurs if
15954c85986Sschwarze.Fa cms
160a7817ce3Sschwarzeis of any type other than
161a7817ce3Sschwarze.Vt SignedData
162a7817ce3Sschwarzeor
163a7817ce3Sschwarze.Vt EnvelopedData .
16454c85986Sschwarze.Pp
165a7817ce3SschwarzeThe same
166a7817ce3Sschwarze.Fa certificate
167a7817ce3Sschwarzeor
168a7817ce3Sschwarze.Fa crl
169a7817ce3Sschwarzemust not be added to the same
17054c85986Sschwarze.Fa cms
171a7817ce3Sschwarzestructure more than once.
17254c85986Sschwarze.Sh RETURN VALUES
17354c85986Sschwarze.Fn CMS_add0_cert ,
17454c85986Sschwarze.Fn CMS_add1_cert ,
17554c85986Sschwarze.Fn CMS_add0_crl ,
17654c85986Sschwarzeand
17754c85986Sschwarze.Fn CMS_add1_crl
17854c85986Sschwarzereturn 1 for success or 0 for failure.
17954c85986Sschwarze.Pp
18054c85986Sschwarze.Fn CMS_get1_certs
18154c85986Sschwarzeand
18254c85986Sschwarze.Fn CMS_get1_crls
18354c85986Sschwarzereturn the STACK of certificates or CRLs or
18454c85986Sschwarze.Dv NULL
18554c85986Sschwarzeif there are none or an error occurs.
1868e3d34b8StbPossible errors are that the
18754c85986Sschwarze.Fa cms
188*a976df8dStbtype is invalid or memory allocation failure.
189*a976df8dStbNot all errors result in an error on the error stack.
1905c792f2eStbThe returned stack must be freed using the appropriate
1915c792f2eStbmacro wrapper of
1925c792f2eStb.Xr sk_pop_free 3 ,
1935c792f2eStbnamely
1945c792f2eStb.Dv sk_X509_pop_free()
1955c792f2eStbor
1965c792f2eStb.Dv sk_X509_CRL_pop_free() .
19754c85986Sschwarze.Sh SEE ALSO
19885bbda65Sschwarze.Xr CMS_ContentInfo_new 3 ,
19954c85986Sschwarze.Xr CMS_encrypt 3 ,
20085bbda65Sschwarze.Xr CMS_final 3 ,
20154c85986Sschwarze.Xr CMS_sign 3 ,
20254c85986Sschwarze.Xr ERR_get_error 3
203a7817ce3Sschwarze.Sh STANDARDS
204a7817ce3SschwarzeRFC 5652: Cryptographic Message Syntax
205a7817ce3Sschwarze.Bl -dash -compact -offset indent
206a7817ce3Sschwarze.It
207a7817ce3Sschwarzesection 5.1: SignedData Type
208a7817ce3Sschwarze.It
209a7817ce3Sschwarzesection 6.1: EnvelopedData Type
210a7817ce3Sschwarze.El
21154c85986Sschwarze.Sh HISTORY
21254c85986Sschwarze.Fn CMS_add0_cert ,
21354c85986Sschwarze.Fn CMS_add1_cert ,
21454c85986Sschwarze.Fn CMS_get1_certs ,
21566a3cb98Sschwarze.Fn CMS_add0_crl ,
21654c85986Sschwarzeand
21754c85986Sschwarze.Fn CMS_get1_crls
21866a3cb98Sschwarzefirst appeared in OpenSSL 0.9.8h and
21966a3cb98Sschwarze.Fn CMS_add1_crl
22066a3cb98Sschwarzein OpenSSL 1.0.0.
22166a3cb98SschwarzeThese functions have been available since
222569a59c8Sschwarze.Ox 6.7 .
223