| PKCS7_encrypt.3 (206048) | PKCS7_encrypt.3 (215698) |
|---|---|
| 1.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37 | 1.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07) |
| 2.\" 3.\" Standard preamble: 4.\" ======================================================================== | 2.\" 3.\" Standard preamble: 4.\" ======================================================================== |
| 5.de Sh \" Subsection heading 6.br 7.if t .Sp 8.ne 5 9.PP 10\fB\\$1\fR 11.PP 12.. | |
| 13.de Sp \" Vertical space (when we can't use .PP) 14.if t .sp .5v 15.if n .sp 16.. 17.de Vb \" Begin verbatim text 18.ft CW 19.nf 20.ne \\$1 21.. 22.de Ve \" End verbatim text 23.ft R 24.fi 25.. 26.\" Set up some character translations and predefined strings. \*(-- will 27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left | 5.de Sp \" Vertical space (when we can't use .PP) 6.if t .sp .5v 7.if n .sp 8.. 9.de Vb \" Begin verbatim text 10.ft CW 11.nf 12.ne \\$1 13.. 14.de Ve \" End verbatim text 15.ft R 16.fi 17.. 18.\" Set up some character translations and predefined strings. \*(-- will 19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left |
| 28.\" double quote, and \*(R" will give a right double quote. | will give a 29.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to 30.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' 31.\" expand to `' in nroff, nothing in troff, for use with C<>. 32.tr \(*W-|\(bv\*(Tr | 20.\" double quote, and \*(R" will give a right double quote. \*(C+ will 21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and 22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, 23.\" nothing in troff, for use with C<>. 24.tr \(*W- |
| 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 34.ie n \{\ 35. ds -- \(*W- 36. ds PI pi 37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 38. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 39. ds L" "" 40. ds R" "" 41. ds C` "" 42. ds C' "" 43'br\} 44.el\{\ 45. ds -- \|\(em\| 46. ds PI \(*p 47. ds L" `` 48. ds R" '' 49'br\} 50.\" | 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' 26.ie n \{\ 27. ds -- \(*W- 28. ds PI pi 29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch 30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch 31. ds L" "" 32. ds R" "" 33. ds C` "" 34. ds C' "" 35'br\} 36.el\{\ 37. ds -- \|\(em\| 38. ds PI \(*p 39. ds L" `` 40. ds R" '' 41'br\} 42.\" |
| 43.\" Escape single quotes in literal strings from groff's Unicode transform. 44.ie \n(.g .ds Aq \(aq 45.el .ds Aq ' 46.\" |
|
| 51.\" If the F register is turned on, we'll generate index entries on stderr for | 47.\" If the F register is turned on, we'll generate index entries on stderr for |
| 52.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index | 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index |
| 53.\" entries marked with X<> in POD. Of course, you'll have to process the 54.\" output yourself in some meaningful fashion. | 49.\" entries marked with X<> in POD. Of course, you'll have to process the 50.\" output yourself in some meaningful fashion. |
| 55.if \nF \{\ | 51.ie \nF \{\ |
| 56. de IX 57. tm Index:\\$1\t\\n%\t"\\$2" 58.. 59. nr % 0 60. rr F 61.\} | 52. de IX 53. tm Index:\\$1\t\\n%\t"\\$2" 54.. 55. nr % 0 56. rr F 57.\} |
| 58.el \{\ 59. de IX 60.. 61.\} |
|
| 62.\" | 62.\" |
| 63.\" For nroff, turn off justification. Always turn off hyphenation; it makes 64.\" way too many mistakes in technical documents. 65.hy 0 66.if n .na 67.\" | |
| 68.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 69.\" Fear. Run. Save yourself. No user-serviceable parts. 70. \" fudge factors for nroff and troff 71.if n \{\ 72. ds #H 0 73. ds #V .8m 74. ds #F .3m 75. ds #[ \f1 --- 48 unchanged lines hidden (view full) --- 124. ds Th \o'LP' 125. ds ae ae 126. ds Ae AE 127.\} 128.rm #[ #] #H #V #F C 129.\" ======================================================================== 130.\" 131.IX Title "PKCS7_encrypt 3" | 63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 64.\" Fear. Run. Save yourself. No user-serviceable parts. 65. \" fudge factors for nroff and troff 66.if n \{\ 67. ds #H 0 68. ds #V .8m 69. ds #F .3m 70. ds #[ \f1 --- 48 unchanged lines hidden (view full) --- 119. ds Th \o'LP' 120. ds ae ae 121. ds Ae AE 122.\} 123.rm #[ #] #H #V #F C 124.\" ======================================================================== 125.\" 126.IX Title "PKCS7_encrypt 3" |
| 132.TH PKCS7_encrypt 3 "2010-03-24" "0.9.8n" "OpenSSL" | 127.TH PKCS7_encrypt 3 "2010-11-16" "0.9.8p" "OpenSSL" 128.\" For nroff, turn off justification. Always turn off hyphenation; it makes 129.\" way too many mistakes in technical documents. 130.if n .ad l 131.nh |
| 133.SH "NAME" 134PKCS7_encrypt \- create a PKCS#7 envelopedData structure 135.SH "SYNOPSIS" 136.IX Header "SYNOPSIS" | 132.SH "NAME" 133PKCS7_encrypt \- create a PKCS#7 envelopedData structure 134.SH "SYNOPSIS" 135.IX Header "SYNOPSIS" |
| 137\&\s-1PKCS7\s0 *PKCS7_encrypt(\s-1STACK_OF\s0(X509) *certs, \s-1BIO\s0 *in, const \s-1EVP_CIPHER\s0 *cipher, int flags); | 136.Vb 1 137\& #include <openssl/pkcs7.h> 138\& 139\& PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); 140.Ve |
| 138.SH "DESCRIPTION" 139.IX Header "DESCRIPTION" 140\&\fIPKCS7_encrypt()\fR creates and returns a PKCS#7 envelopedData structure. \fBcerts\fR 141is a list of recipient certificates. \fBin\fR is the content to be encrypted. 142\&\fBcipher\fR is the symmetric cipher to use. \fBflags\fR is an optional set of flags. 143.SH "NOTES" 144.IX Header "NOTES" 145Only \s-1RSA\s0 keys are supported in PKCS#7 and envelopedData so the recipient certificates 146supplied to this function must all contain \s-1RSA\s0 public keys, though they do not have to 147be signed using the \s-1RSA\s0 algorithm. 148.PP 149\&\fIEVP_des_ede3_cbc()\fR (triple \s-1DES\s0) is the algorithm of choice for S/MIME use because 150most clients will support it. 151.PP 152Some old \*(L"export grade\*(R" clients may only support weak encryption using 40 or 64 bit 153\&\s-1RC2\s0. These can be used by passing \fIEVP_rc2_40_cbc()\fR and \fIEVP_rc2_64_cbc()\fR respectively. 154.PP 155The algorithm passed in the \fBcipher\fR parameter must support \s-1ASN1\s0 encoding of its | 141.SH "DESCRIPTION" 142.IX Header "DESCRIPTION" 143\&\fIPKCS7_encrypt()\fR creates and returns a PKCS#7 envelopedData structure. \fBcerts\fR 144is a list of recipient certificates. \fBin\fR is the content to be encrypted. 145\&\fBcipher\fR is the symmetric cipher to use. \fBflags\fR is an optional set of flags. 146.SH "NOTES" 147.IX Header "NOTES" 148Only \s-1RSA\s0 keys are supported in PKCS#7 and envelopedData so the recipient certificates 149supplied to this function must all contain \s-1RSA\s0 public keys, though they do not have to 150be signed using the \s-1RSA\s0 algorithm. 151.PP 152\&\fIEVP_des_ede3_cbc()\fR (triple \s-1DES\s0) is the algorithm of choice for S/MIME use because 153most clients will support it. 154.PP 155Some old \*(L"export grade\*(R" clients may only support weak encryption using 40 or 64 bit 156\&\s-1RC2\s0. These can be used by passing \fIEVP_rc2_40_cbc()\fR and \fIEVP_rc2_64_cbc()\fR respectively. 157.PP 158The algorithm passed in the \fBcipher\fR parameter must support \s-1ASN1\s0 encoding of its |
| 156parameters. | 159parameters. |
| 157.PP 158Many browsers implement a \*(L"sign and encrypt\*(R" option which is simply an S/MIME 159envelopedData containing an S/MIME signed message. This can be readily produced 160by storing the S/MIME signed message in a memory \s-1BIO\s0 and passing it to 161\&\fIPKCS7_encrypt()\fR. 162.PP 163The following flags can be passed in the \fBflags\fR parameter. 164.PP --- 21 unchanged lines hidden --- | 160.PP 161Many browsers implement a \*(L"sign and encrypt\*(R" option which is simply an S/MIME 162envelopedData containing an S/MIME signed message. This can be readily produced 163by storing the S/MIME signed message in a memory \s-1BIO\s0 and passing it to 164\&\fIPKCS7_encrypt()\fR. 165.PP 166The following flags can be passed in the \fBflags\fR parameter. 167.PP --- 21 unchanged lines hidden --- |