PKCS7_sign.pod 4.3 KB
Newer Older
D
Dr. Stephen Henson 已提交
1 2 3 4 5 6 7 8
=pod

=head1 NAME

PKCS7_sign - create a PKCS#7 signedData structure

=head1 SYNOPSIS

U
Ulf Möller 已提交
9 10 11
 #include <openssl/pkcs7.h>

 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
D
Dr. Stephen Henson 已提交
12 13 14

=head1 DESCRIPTION

D
Dr. Stephen Henson 已提交
15
PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
16
the certificate to sign with, B<pkey> is the corresponding private key.
D
Dr. Stephen Henson 已提交
17 18
B<certs> is an optional additional set of certificates to include in the PKCS#7
structure (for example any intermediate CAs in the chain). 
D
Dr. Stephen Henson 已提交
19 20 21 22 23 24 25

The data to be signed is read from BIO B<data>.

B<flags> is an optional set of flags.

=head1 NOTES

D
Dr. Stephen Henson 已提交
26 27
Any of the following flags (ored together) can be passed in the B<flags>
parameter.
D
Dr. Stephen Henson 已提交
28 29 30 31 32 33

Many S/MIME clients expect the signed content to include valid MIME headers. If
the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
to the data.

If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
D
Dr. Stephen Henson 已提交
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53
PKCS7 structure, the signer's certificate must still be supplied in the
B<signcert> parameter though. This can reduce the size of the signature if the
signers certificate can be obtained by other means: for example a previously
signed message.

The data being signed is included in the PKCS7 structure, unless
B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
detached signatures which are used in S/MIME plaintext signed messages for
example.

Normally the supplied content is translated into MIME canonical format (as
required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
occurs. This option should be used if the supplied data is in binary format
otherwise the translation will corrupt it.

The signedData structure includes several PKCS#7 autenticatedAttributes
including the signing time, the PKCS#7 content type and the supported list of
ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
the SMIMECapabilities are omitted.
D
Dr. Stephen Henson 已提交
54

D
Dr. Stephen Henson 已提交
55 56 57
If present the SMIMECapabilities attribute indicates support for the following
algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
these algorithms is disabled then it will not be included.
D
Dr. Stephen Henson 已提交
58

D
Dr. Stephen Henson 已提交
59 60 61 62 63
If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
just initialized ready to perform the signing operation. The signing is however
B<not> performed and the data to be signed is not read from the B<data>
parameter. Signing is deferred until after the data has been written. In this
way data can be signed in a single pass.
D
Dr. Stephen Henson 已提交
64

D
Dr. Stephen Henson 已提交
65 66
If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
which additional signers and capabilities can be added before finalization.
D
Dr. Stephen Henson 已提交
67

D
Dr. Stephen Henson 已提交
68 69 70

=head1 NOTES

D
Dr. Stephen Henson 已提交
71 72 73
If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
complete and outputting its contents via a function that does not properly
finalize the B<PKCS7> structure will give unpredictable results.
D
Dr. Stephen Henson 已提交
74

D
Dr. Stephen Henson 已提交
75
Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
D
Dr. Stephen Henson 已提交
76 77 78
PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
can be performed by obtaining the streaming ASN1 B<BIO> directly using
BIO_new_PKCS7().
D
Dr. Stephen Henson 已提交
79

D
Dr. Stephen Henson 已提交
80 81
If a signer is specified it will use the default digest for the signing
algorithm. This is B<SHA1> for both RSA and DSA keys.
D
Dr. Stephen Henson 已提交
82

R
Rich Salz 已提交
83
The B<certs>, B<signcert> and B<pkey> parameters can all be
D
Dr. Stephen Henson 已提交
84
B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
R
Rich Salz 已提交
85
using the function PKCS7_sign_add_signer(). PKCS7_final() must also be
D
Dr. Stephen Henson 已提交
86 87
called to finalize the structure if streaming is not enabled. Alternative
signing digests can also be specified using this method.
D
Dr. Stephen Henson 已提交
88

R
Rich Salz 已提交
89
If B<signcert> and B<pkey> are NULL then a certificates only
D
Dr. Stephen Henson 已提交
90
PKCS#7 structure is output.
D
Dr. Stephen Henson 已提交
91

92
In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
D
Dr. Stephen Henson 已提交
93
B<NOT> be NULL.
D
Dr. Stephen Henson 已提交
94

D
Dr. Stephen Henson 已提交
95 96 97
=head1 BUGS

Some advanced attributes such as counter signatures are not supported.
D
Dr. Stephen Henson 已提交
98

D
Dr. Stephen Henson 已提交
99 100
=head1 RETURN VALUES

D
Dr. Stephen Henson 已提交
101 102
PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
occurred.  The error can be obtained from ERR_get_error(3).
D
Dr. Stephen Henson 已提交
103 104 105

=head1 SEE ALSO

R
Rich Salz 已提交
106
L<ERR_get_error(3)>, L<PKCS7_verify(3)>
D
Dr. Stephen Henson 已提交
107 108 109

=head1 HISTORY

R
Rich Salz 已提交
110 111
The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
and B<pkey> parameters to be B<NULL> to be was added in OpenSSL 1.0.0
D
Dr. Stephen Henson 已提交
112

113
The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
D
Dr. Stephen Henson 已提交
114

D
Dr. Stephen Henson 已提交
115
=cut