| PKCS7_verify.3 (127131) | PKCS7_verify.3 (142429) |
|---|---|
| 1.\" Automatically generated by Pod::Man version 1.15 2.\" Wed Mar 17 09:38:37 2004 | 1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14 |
| 3.\" 4.\" Standard preamble: | 2.\" 3.\" Standard preamble: |
| 5.\" ====================================================================== | 4.\" ======================================================================== |
| 6.de Sh \" Subsection heading 7.br 8.if t .Sp 9.ne 5 10.PP 11\fB\\$1\fR 12.PP 13.. 14.de Sp \" Vertical space (when we can't use .PP) 15.if t .sp .5v 16.if n .sp 17.. | 5.de Sh \" Subsection heading 6.br 7.if t .Sp 8.ne 5 9.PP 10\fB\\$1\fR 11.PP 12.. 13.de Sp \" Vertical space (when we can't use .PP) 14.if t .sp .5v 15.if n .sp 16.. |
| 18.de Ip \" List item 19.br 20.ie \\n(.$>=3 .ne \\$3 21.el .ne 3 22.IP "\\$1" \\$2 23.. | |
| 24.de Vb \" Begin verbatim text 25.ft CW 26.nf 27.ne \\$1 28.. 29.de Ve \" End verbatim text 30.ft R | 17.de Vb \" Begin verbatim text 18.ft CW 19.nf 20.ne \\$1 21.. 22.de Ve \" End verbatim text 23.ft R |
| 31 | |
| 32.fi 33.. 34.\" Set up some character translations and predefined strings. \*(-- will 35.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left 36.\" double quote, and \*(R" will give a right double quote. | will give a | 24.fi 25.. 26.\" Set up some character translations and predefined strings. \*(-- will 27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left 28.\" double quote, and \*(R" will give a right double quote. | will give a |
| 37.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used 38.\" to do unbreakable dashes and therefore won't be available. \*(C` and 39.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> | 29.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to 30.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' 31.\" expand to `' in nroff, nothing in troff, for use with C<>. |
| 40.tr \(*W-|\(bv\*(Tr 41.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 42.ie n \{\ 43. ds -- \(*W- 44. ds PI pi 45. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 46. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 47. ds L" "" 48. ds R" "" 49. ds C` "" 50. ds C' "" 51'br\} 52.el\{\ 53. ds -- \|\(em\| 54. ds PI \(*p 55. ds L" `` 56. ds R" '' 57'br\} 58.\" | 32.tr \(*W-|\(bv\*(Tr 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 34.ie n \{\ 35. ds -- \(*W- 36. ds PI pi 37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 38. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 39. ds L" "" 40. ds R" "" 41. ds C` "" 42. ds C' "" 43'br\} 44.el\{\ 45. ds -- \|\(em\| 46. ds PI \(*p 47. ds L" `` 48. ds R" '' 49'br\} 50.\" |
| 59.\" If the F register is turned on, we'll generate index entries on stderr 60.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and 61.\" index entries marked with X<> in POD. Of course, you'll have to process 62.\" the output yourself in some meaningful fashion. | 51.\" If the F register is turned on, we'll generate index entries on stderr for 52.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index 53.\" entries marked with X<> in POD. Of course, you'll have to process the 54.\" output yourself in some meaningful fashion. |
| 63.if \nF \{\ 64. de IX 65. tm Index:\\$1\t\\n%\t"\\$2" 66.. 67. nr % 0 68. rr F 69.\} 70.\" | 55.if \nF \{\ 56. de IX 57. tm Index:\\$1\t\\n%\t"\\$2" 58.. 59. nr % 0 60. rr F 61.\} 62.\" |
| 71.\" For nroff, turn off justification. Always turn off hyphenation; it 72.\" makes way too many mistakes in technical documents. | 63.\" For nroff, turn off justification. Always turn off hyphenation; it makes 64.\" way too many mistakes in technical documents. |
| 73.hy 0 74.if n .na 75.\" 76.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 77.\" Fear. Run. Save yourself. No user-serviceable parts. | 65.hy 0 66.if n .na 67.\" 68.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 69.\" Fear. Run. Save yourself. No user-serviceable parts. |
| 78.bd B 3 | |
| 79. \" fudge factors for nroff and troff 80.if n \{\ 81. ds #H 0 82. ds #V .8m 83. ds #F .3m 84. ds #[ \f1 85. ds #] \fP 86.\} --- 43 unchanged lines hidden (view full) --- 130. ds d- d\h'-1'\(ga 131. ds D- D\h'-1'\(hy 132. ds th \o'bp' 133. ds Th \o'LP' 134. ds ae ae 135. ds Ae AE 136.\} 137.rm #[ #] #H #V #F C | 70. \" fudge factors for nroff and troff 71.if n \{\ 72. ds #H 0 73. ds #V .8m 74. ds #F .3m 75. ds #[ \f1 76. ds #] \fP 77.\} --- 43 unchanged lines hidden (view full) --- 121. ds d- d\h'-1'\(ga 122. ds D- D\h'-1'\(hy 123. ds th \o'bp' 124. ds Th \o'LP' 125. ds ae ae 126. ds Ae AE 127.\} 128.rm #[ #] #H #V #F C |
| 138.\" ====================================================================== | 129.\" ======================================================================== |
| 139.\" 140.IX Title "PKCS7_verify 3" | 130.\" 131.IX Title "PKCS7_verify 3" |
| 141.TH PKCS7_verify 3 "0.9.7d" "2004-03-17" "OpenSSL" 142.UC | 132.TH PKCS7_verify 3 "2005-02-24" "0.9.7d" "OpenSSL" |
| 143.SH "NAME" 144PKCS7_verify \- verify a PKCS#7 signedData structure 145.SH "SYNOPSIS" 146.IX Header "SYNOPSIS" | 133.SH "NAME" 134PKCS7_verify \- verify a PKCS#7 signedData structure 135.SH "SYNOPSIS" 136.IX Header "SYNOPSIS" |
| 147int PKCS7_verify(\s-1PKCS7\s0 *p7, STACK_OF(X509) *certs, X509_STORE *store, \s-1BIO\s0 *indata, \s-1BIO\s0 *out, int flags); | 137int PKCS7_verify(\s-1PKCS7\s0 *p7, \s-1STACK_OF\s0(X509) *certs, X509_STORE *store, \s-1BIO\s0 *indata, \s-1BIO\s0 *out, int flags); |
| 148.PP | 138.PP |
| 149int PKCS7_get0_signers(\s-1PKCS7\s0 *p7, STACK_OF(X509) *certs, int flags); | 139int PKCS7_get0_signers(\s-1PKCS7\s0 *p7, \s-1STACK_OF\s0(X509) *certs, int flags); |
| 150.SH "DESCRIPTION" 151.IX Header "DESCRIPTION" 152\&\fIPKCS7_verify()\fR verifies a PKCS#7 signedData structure. \fBp7\fR is the \s-1PKCS7\s0 153structure to verify. \fBcerts\fR is a set of certificates in which to search for 154the signer's certificate. \fBstore\fR is a trusted certficate store (used for 155chain verification). \fBindata\fR is the signed data if the content is not 156present in \fBp7\fR (that is it is detached). The content is written to \fBout\fR 157if it is not \s-1NULL\s0. --- 65 unchanged lines hidden (view full) --- 223timestamp). 224.SH "RETURN VALUES" 225.IX Header "RETURN VALUES" 226\&\fIPKCS7_verify()\fR returns 1 for a successful verification and zero or a negative 227value if an error occurs. 228.PP 229\&\fIPKCS7_get0_signers()\fR returns all signers or \fB\s-1NULL\s0\fR if an error occurred. 230.PP | 140.SH "DESCRIPTION" 141.IX Header "DESCRIPTION" 142\&\fIPKCS7_verify()\fR verifies a PKCS#7 signedData structure. \fBp7\fR is the \s-1PKCS7\s0 143structure to verify. \fBcerts\fR is a set of certificates in which to search for 144the signer's certificate. \fBstore\fR is a trusted certficate store (used for 145chain verification). \fBindata\fR is the signed data if the content is not 146present in \fBp7\fR (that is it is detached). The content is written to \fBout\fR 147if it is not \s-1NULL\s0. --- 65 unchanged lines hidden (view full) --- 213timestamp). 214.SH "RETURN VALUES" 215.IX Header "RETURN VALUES" 216\&\fIPKCS7_verify()\fR returns 1 for a successful verification and zero or a negative 217value if an error occurs. 218.PP 219\&\fIPKCS7_get0_signers()\fR returns all signers or \fB\s-1NULL\s0\fR if an error occurred. 220.PP |
| 231The error can be obtained from ERR_get_error(3) | 221The error can be obtained from \fIERR_get_error\fR\|(3) |
| 232.SH "BUGS" 233.IX Header "BUGS" 234The trusted certificate store is not searched for the signers certificate, 235this is primarily due to the inadequacies of the current \fBX509_STORE\fR 236functionality. 237.PP 238The lack of single pass processing and need to hold all data in memory as 239mentioned in \fIPKCS7_sign()\fR also applies to \fIPKCS7_verify()\fR. 240.SH "SEE ALSO" 241.IX Header "SEE ALSO" | 222.SH "BUGS" 223.IX Header "BUGS" 224The trusted certificate store is not searched for the signers certificate, 225this is primarily due to the inadequacies of the current \fBX509_STORE\fR 226functionality. 227.PP 228The lack of single pass processing and need to hold all data in memory as 229mentioned in \fIPKCS7_sign()\fR also applies to \fIPKCS7_verify()\fR. 230.SH "SEE ALSO" 231.IX Header "SEE ALSO" |
| 242ERR_get_error(3), PKCS7_sign(3) | 232\&\fIERR_get_error\fR\|(3), \fIPKCS7_sign\fR\|(3) |
| 243.SH "HISTORY" 244.IX Header "HISTORY" 245\&\fIPKCS7_verify()\fR was added to OpenSSL 0.9.5 | 233.SH "HISTORY" 234.IX Header "HISTORY" 235\&\fIPKCS7_verify()\fR was added to OpenSSL 0.9.5 |