$NetBSD: PKCS7_decrypt.3,v 1.25 2024/09/08 13:08:28 christos Exp $
-*- mode: troff; coding: utf-8 -*-
Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
Standard preamble:
========================================================================
..
. ds C` "" . ds C' "" 'br\} . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.
If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.
Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF ========================================================================
Title "PKCS7_decrypt 3"
way too many mistakes in technical documents.
-*- mode: troff; coding: utf-8 -*-
Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
Standard preamble:
========================================================================
..
.... \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` "" . ds C' "" 'br\} . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.
If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.
Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF ========================================================================
Title "PKCS7_decrypt 3"
PKCS7_decrypt 3 2024-09-03 3.0.15 OpenSSL
For nroff, turn off justification. Always turn off hyphenation; it makesway too many mistakes in technical documents.
NAME
PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
SYNOPSIS
Header "SYNOPSIS" .Vb 1
#include <openssl/pkcs7.h>
\&
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
.Ve
DESCRIPTION
Header "DESCRIPTION" \fBPKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData
structure. pkey is the private key of the recipient, cert is the
recipients certificate, data is a BIO to write the content to and
\fBflags is an optional set of flags.
NOTES
Header "NOTES" Although the recipients certificate is not needed to decrypt the data it is needed
to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
The following flags can be passed in the flags parameter.
If the PKCS7_TEXT flag is set MIME headers for type text/plain are deleted from the content. If the content is not of type text/plain then an error is returned.
"RETURN VALUES"
Header "RETURN VALUES" \fBPKCS7_decrypt() returns either 1 for success or 0 for failure.
The error can be obtained from ERR_get_error\|(3)
BUGS
Header "BUGS" \fBPKCS7_decrypt() must be passed the correct recipient key and certificate. It would
be better if it could look up the correct key and certificate from a database.
The lack of single pass processing and need to hold all data in memory as mentioned in PKCS7_sign() also applies to PKCS7_verify().
"SEE ALSO"
Header "SEE ALSO" \fBERR_get_error\|(3), PKCS7_encrypt\|(3)
COPYRIGHT
Header "COPYRIGHT" Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.