openssl/doc/man3/CMS_add0_cert.pod

=pod

=head1 NAME

CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls
- CMS certificate and CRL utility functions

=head1 SYNOPSIS

 #include <openssl/cms.h>

 int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
 int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
 STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);

 int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
 int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
 STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);

=head1 DESCRIPTION

CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms>.
This is used by L<CMS_sign_ex(3)> and L<CMS_sign(3)> and may be used before
calling L<CMS_verify(3)> to help chain building in certificate validation.
I<cms> must be of type signed data or (authenticated) enveloped data.
For signed data, such a certificate can be used when signing or verifying
to fill in the signer certificate or to provide an extra CA certificate
that may be needed for chain building in certificate validation.

CMS_get1_certs() returns all certificates in I<cms>.

CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>.
I<cms> must be of type signed data or (authenticated) enveloped data.
For signed data, such a CRL may be used in certificate validation
with L<CMS_verify(3)>.
It may be given both for inclusion when signing a CMS message
and when verifying a signed CMS message.

CMS_get1_crls() returns all CRLs in I<cms>.

=head1 NOTES

The CMS_ContentInfo structure I<cms> must be of type signed data or enveloped
data or an error will be returned.

For signed data certificates and CRLs are added to the I<certificates> and
I<crls> fields of SignedData structure. For enveloped data they are added to
B<OriginatorInfo>.

As the I<0> implies CMS_add0_cert() adds I<cert> internally to I<cms> and it
must not be freed up after the call as opposed to CMS_add1_cert() where I<cert>
must be freed up.

The same certificate must not be added to the same cms structure more than once.

=head1 RETURN VALUES

CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
1 for success and 0 for failure.

CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
or NULL if there are none or an error occurs. The only error which will occur
in practice is if the I<cms> type is invalid.

=head1 SEE ALSO

L<ERR_get_error(3)>,
L<CMS_sign(3)>, L<CMS_sign_ex(3)>, L<CMS_verify(3)>,
L<CMS_encrypt(3)>

=head1 COPYRIGHT

Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00			`=pod`

			`=head1 NAME`

Look for comma before - in POD pages [skip ci] Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3021) 2017-03-24 01:04:52 +08:00			`CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls`
			`- CMS certificate and CRL utility functions`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
			`=head1 SYNOPSIS`

			`#include <openssl/cms.h>`

			`int CMS_add0_cert(CMS_ContentInfo cms, X509 cert);`
			`int CMS_add1_cert(CMS_ContentInfo cms, X509 cert);`
			`STACK_OF(X509) CMS_get1_certs(CMS_ContentInfo cms);`

			`int CMS_add0_crl(CMS_ContentInfo cms, X509_CRL crl);`
New function CMS_add1_crl(). 2008-05-03 01:27:01 +08:00			`int CMS_add1_crl(CMS_ContentInfo cms, X509_CRL crl);`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00			`STACK_OF(X509_CRL) CMS_get1_crls(CMS_ContentInfo cms);`

			`=head1 DESCRIPTION`

Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`CMS_add0_cert() and CMS_add1_cert() add certificate I<cert> to I<cms>.`
Add sections that were missing Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20398) 2023-02-28 16:51:36 +08:00			`This is used by L<CMS_sign_ex(3)> and L<CMS_sign(3)> and may be used before`
			`calling L<CMS_verify(3)> to help chain building in certificate validation.`
Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`I<cms> must be of type signed data or (authenticated) enveloped data.`
			`For signed data, such a certificate can be used when signing or verifying`
			`to fill in the signer certificate or to provide an extra CA certificate`
			`that may be needed for chain building in certificate validation.`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`CMS_get1_certs() returns all certificates in I<cms>.`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`CMS_add0_crl() and CMS_add1_crl() add CRL I<crl> to I<cms>.`
			`I<cms> must be of type signed data or (authenticated) enveloped data.`
CMS_add0_cert.pod: remove wrong text on duplicate CRLs; small further improvements Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20275) (cherry picked from commit 9fae775acf56d64854d76f0399a80919f9b115e7) 2023-02-13 20:14:54 +08:00			`For signed data, such a CRL may be used in certificate validation`
Add sections that were missing Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20398) 2023-02-28 16:51:36 +08:00			`with L<CMS_verify(3)>.`
Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`It may be given both for inclusion when signing a CMS message`
			`and when verifying a signed CMS message.`

			`CMS_get1_crls() returns all CRLs in I<cms>.`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
			`=head1 NOTES`

Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`The CMS_ContentInfo structure I<cms> must be of type signed data or enveloped`
Reformat, fix typos and clarify CMS API docs. 2008-04-11 07:28:25 +08:00			`data or an error will be returned.`

Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`For signed data certificates and CRLs are added to the I<certificates> and`
			`I<crls> fields of SignedData structure. For enveloped data they are added to`
Reformat, fix typos and clarify CMS API docs. 2008-04-11 07:28:25 +08:00			`B<OriginatorInfo>.`

Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`As the I<0> implies CMS_add0_cert() adds I<cert> internally to I<cms> and it`
			`must not be freed up after the call as opposed to CMS_add1_cert() where I<cert>`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00			`must be freed up.`

CMS_add0_cert.pod: remove wrong text on duplicate CRLs; small further improvements Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20275) (cherry picked from commit 9fae775acf56d64854d76f0399a80919f9b115e7) 2023-02-13 20:14:54 +08:00			`The same certificate must not be added to the same cms structure more than once.`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
			`=head1 RETURN VALUES`

New function CMS_add1_crl(). 2008-05-03 01:27:01 +08:00			`CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return`
Fix nits in pod files. Add doc-nit-check to help find future issues. Make podchecker be almost clean. Remove trailing whitespace. Tab expansion Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-20 20:11:46 +08:00			`1 for success and 0 for failure.`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
			`CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs`
			`or NULL if there are none or an error occurs. The only error which will occur`
Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc. Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108) 2022-07-29 19:09:52 +08:00			`in practice is if the I<cms> type is invalid.`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
			`=head1 SEE ALSO`

Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`L<ERR_get_error(3)>,`
CMS_add0_cert.pod: remove wrong text on duplicate CRLs; small further improvements Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20275) (cherry picked from commit 9fae775acf56d64854d76f0399a80919f9b115e7) 2023-02-13 20:14:54 +08:00			`L<CMS_sign(3)>, L<CMS_sign_ex(3)>, L<CMS_verify(3)>,`
Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`L<CMS_encrypt(3)>`
Initial CMS API documentation. 2008-04-09 06:27:10 +08:00
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00			`=head1 COPYRIGHT`

Update copyright year Reviewed-by: Matt Caswell <matt@openssl.org> Release: yes (Merged from https://github.com/openssl/openssl/pull/19803) 2022-12-01 19:29:01 +08:00			`Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved.`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00
Following the license change, modify the boilerplates in doc/man3/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7829) 2018-12-06 21:04:44 +08:00			`Licensed under the Apache License 2.0 (the "License"). You may not use`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`