| CMS_decrypt.3 (273399) | CMS_decrypt.3 (279264) |
|---|---|
| 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.28) | 1.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28) |
| 2.\" 3.\" Standard preamble: 4.\" ======================================================================== 5.de Sp \" Vertical space (when we can't use .PP) 6.if t .sp .5v 7.if n .sp 8.. 9.de Vb \" Begin verbatim text --- 23 unchanged lines hidden (view full) --- 33. ds C` "" 34. ds C' "" 35'br\} 36.el\{\ 37. ds -- \|\(em\| 38. ds PI \(*p 39. ds L" `` 40. ds R" '' | 2.\" 3.\" Standard preamble: 4.\" ======================================================================== 5.de Sp \" Vertical space (when we can't use .PP) 6.if t .sp .5v 7.if n .sp 8.. 9.de Vb \" Begin verbatim text --- 23 unchanged lines hidden (view full) --- 33. ds C` "" 34. ds C' "" 35'br\} 36.el\{\ 37. ds -- \|\(em\| 38. ds PI \(*p 39. ds L" `` 40. ds R" '' |
| 41. ds C` 42. ds C' |
|
| 41'br\} 42.\" 43.\" Escape single quotes in literal strings from groff's Unicode transform. 44.ie \n(.g .ds Aq \(aq 45.el .ds Aq ' 46.\" 47.\" If the F register is turned on, we'll generate index entries on stderr for 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index 49.\" entries marked with X<> in POD. Of course, you'll have to process the 50.\" output yourself in some meaningful fashion. | 43'br\} 44.\" 45.\" Escape single quotes in literal strings from groff's Unicode transform. 46.ie \n(.g .ds Aq \(aq 47.el .ds Aq ' 48.\" 49.\" If the F register is turned on, we'll generate index entries on stderr for 50.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index 51.\" entries marked with X<> in POD. Of course, you'll have to process the 52.\" output yourself in some meaningful fashion. |
| 51.ie \nF \{\ 52. de IX 53. tm Index:\\$1\t\\n%\t"\\$2" | 53.\" 54.\" Avoid warning from groff about undefined register 'F'. 55.de IX |
| 54.. | 56.. |
| 55. nr % 0 56. rr F 57.\} 58.el \{\ 59. de IX | 57.nr rF 0 58.if \n(.g .if rF .nr rF 1 59.if (\n(rF:(\n(.g==0)) \{ 60. if \nF \{ 61. de IX 62. tm Index:\\$1\t\\n%\t"\\$2" |
| 60.. | 63.. |
| 64. if !\nF==2 \{ 65. nr % 0 66. nr F 2 67. \} 68. \} |
|
| 61.\} | 69.\} |
| 70.rr rF |
|
| 62.\" 63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 64.\" Fear. Run. Save yourself. No user-serviceable parts. 65. \" fudge factors for nroff and troff 66.if n \{\ 67. ds #H 0 68. ds #V .8m 69. ds #F .3m --- 49 unchanged lines hidden (view full) --- 119. ds Th \o'LP' 120. ds ae ae 121. ds Ae AE 122.\} 123.rm #[ #] #H #V #F C 124.\" ======================================================================== 125.\" 126.IX Title "CMS_decrypt 3" | 71.\" 72.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 73.\" Fear. Run. Save yourself. No user-serviceable parts. 74. \" fudge factors for nroff and troff 75.if n \{\ 76. ds #H 0 77. ds #V .8m 78. ds #F .3m --- 49 unchanged lines hidden (view full) --- 128. ds Th \o'LP' 129. ds ae ae 130. ds Ae AE 131.\} 132.rm #[ #] #H #V #F C 133.\" ======================================================================== 134.\" 135.IX Title "CMS_decrypt 3" |
| 127.TH CMS_decrypt 3 "2014-10-15" "1.0.1j" "OpenSSL" | 136.TH CMS_decrypt 3 "2015-01-15" "1.0.1l" "OpenSSL" |
| 128.\" For nroff, turn off justification. Always turn off hyphenation; it makes 129.\" way too many mistakes in technical documents. 130.if n .ad l 131.nh 132.SH "NAME" 133.Vb 1 134\& CMS_decrypt \- decrypt content from a CMS envelopedData structure 135.Ve --- 7 unchanged lines hidden (view full) --- 143.SH "DESCRIPTION" 144.IX Header "DESCRIPTION" 145\&\fICMS_decrypt()\fR extracts and decrypts the content from a \s-1CMS\s0 EnvelopedData 146structure. \fBpkey\fR is the private key of the recipient, \fBcert\fR is the 147recipient's certificate, \fBout\fR is a \s-1BIO\s0 to write the content to and 148\&\fBflags\fR is an optional set of flags. 149.PP 150The \fBdcont\fR parameter is used in the rare case where the encrypted content | 137.\" For nroff, turn off justification. Always turn off hyphenation; it makes 138.\" way too many mistakes in technical documents. 139.if n .ad l 140.nh 141.SH "NAME" 142.Vb 1 143\& CMS_decrypt \- decrypt content from a CMS envelopedData structure 144.Ve --- 7 unchanged lines hidden (view full) --- 152.SH "DESCRIPTION" 153.IX Header "DESCRIPTION" 154\&\fICMS_decrypt()\fR extracts and decrypts the content from a \s-1CMS\s0 EnvelopedData 155structure. \fBpkey\fR is the private key of the recipient, \fBcert\fR is the 156recipient's certificate, \fBout\fR is a \s-1BIO\s0 to write the content to and 157\&\fBflags\fR is an optional set of flags. 158.PP 159The \fBdcont\fR parameter is used in the rare case where the encrypted content |
| 151is detached. It will normally be set to \s-1NULL\s0. | 160is detached. It will normally be set to \s-1NULL.\s0 |
| 152.SH "NOTES" 153.IX Header "NOTES" 154\&\fIOpenSSL_add_all_algorithms()\fR (or equivalent) should be called before using this 155function or errors about unknown algorithms will occur. 156.PP 157Although the recipients certificate is not needed to decrypt the data it is 158needed to locate the appropriate (of possible several) recipients in the \s-1CMS\s0 159structure. --- 10 unchanged lines hidden (view full) --- 170recipient encrypted key can be decrypted \fBwithout\fR generating a random 171content encryption key. Applications should use this flag with 172\&\fBextreme caution\fR especially in automated gateways as it can leave them 173open to attack. 174.PP 175It is possible to determine the correct recipient key by other means (for 176example looking them up in a database) and setting them in the \s-1CMS\s0 structure 177in advance using the \s-1CMS\s0 utility functions such as \fICMS_set1_pkey()\fR. In this | 161.SH "NOTES" 162.IX Header "NOTES" 163\&\fIOpenSSL_add_all_algorithms()\fR (or equivalent) should be called before using this 164function or errors about unknown algorithms will occur. 165.PP 166Although the recipients certificate is not needed to decrypt the data it is 167needed to locate the appropriate (of possible several) recipients in the \s-1CMS\s0 168structure. --- 10 unchanged lines hidden (view full) --- 179recipient encrypted key can be decrypted \fBwithout\fR generating a random 180content encryption key. Applications should use this flag with 181\&\fBextreme caution\fR especially in automated gateways as it can leave them 182open to attack. 183.PP 184It is possible to determine the correct recipient key by other means (for 185example looking them up in a database) and setting them in the \s-1CMS\s0 structure 186in advance using the \s-1CMS\s0 utility functions such as \fICMS_set1_pkey()\fR. In this |
| 178case both \fBcert\fR and \fBpkey\fR should be set to \s-1NULL\s0. | 187case both \fBcert\fR and \fBpkey\fR should be set to \s-1NULL.\s0 |
| 179.PP 180To process KEKRecipientInfo types \fICMS_set1_key()\fR or \fICMS_RecipientInfo_set0_key()\fR 181and \fICMS_ReceipientInfo_decrypt()\fR should be called before \fICMS_decrypt()\fR and | 188.PP 189To process KEKRecipientInfo types \fICMS_set1_key()\fR or \fICMS_RecipientInfo_set0_key()\fR 190and \fICMS_ReceipientInfo_decrypt()\fR should be called before \fICMS_decrypt()\fR and |
| 182\&\fBcert\fR and \fBpkey\fR set to \s-1NULL\s0. | 191\&\fBcert\fR and \fBpkey\fR set to \s-1NULL.\s0 |
| 183.PP 184The following flags can be passed in the \fBflags\fR parameter. 185.PP 186If the \fB\s-1CMS_TEXT\s0\fR flag is set \s-1MIME\s0 headers for type \fBtext/plain\fR are deleted 187from the content. If the content is not of type \fBtext/plain\fR then an error is 188returned. 189.SH "RETURN VALUES" 190.IX Header "RETURN VALUES" --- 12 unchanged lines hidden --- | 192.PP 193The following flags can be passed in the \fBflags\fR parameter. 194.PP 195If the \fB\s-1CMS_TEXT\s0\fR flag is set \s-1MIME\s0 headers for type \fBtext/plain\fR are deleted 196from the content. If the content is not of type \fBtext/plain\fR then an error is 197returned. 198.SH "RETURN VALUES" 199.IX Header "RETURN VALUES" --- 12 unchanged lines hidden --- |