diff options
author | Jakub Zelenka <jakub.openssl@gmail.com> | 2020-09-06 19:11:34 +0100 |
---|---|---|
committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-09-08 15:43:11 +0200 |
commit | 924663c36d47066d5307937da77fed7e872730c7 (patch) | |
tree | a60cfe385cc29402bdaceaaa5a8b069ca6a6a50a /doc/man3/CMS_EnvelopedData_create.pod | |
parent | d96486dc809b5d134055785bfa6d707195d95534 (diff) |
Add CMS AuthEnvelopedData with AES-GCM support
Add the AuthEnvelopedData as defined in RFC 5083 with AES-GCM
parameter as defined in RFC 5084.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/8024)
Diffstat (limited to 'doc/man3/CMS_EnvelopedData_create.pod')
-rw-r--r-- | doc/man3/CMS_EnvelopedData_create.pod | 48 |
1 files changed, 32 insertions, 16 deletions
diff --git a/doc/man3/CMS_EnvelopedData_create.pod b/doc/man3/CMS_EnvelopedData_create.pod index e6903ea3f8..6978aaabcb 100644 --- a/doc/man3/CMS_EnvelopedData_create.pod +++ b/doc/man3/CMS_EnvelopedData_create.pod @@ -2,25 +2,39 @@ =head1 NAME -CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create +CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create, +CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx - Create CMS envelope =head1 SYNOPSIS #include <openssl/cms.h> - CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq); + CMS_ContentInfo * + CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, + OPENSSL_CTX *libctx, + const char *propq); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); + CMS_ContentInfo * + CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, + OPENSSL_CTX *libctx, + const char *propq); + CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); + =head1 DESCRIPTION -CMS_EnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo> structure with -a type B<NID_pkcs7_enveloped>. I<cipher> is the symmetric cipher to use. The -library context I<libctx> and the property query I<propq> are used when +CMS_EnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo> structure +with a type B<NID_pkcs7_enveloped>. I<cipher> is the symmetric cipher to use. +The library context I<libctx> and the property query I<propq> are used when retrieving algorithms from providers. +CMS_AuthEnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo> +structure with a type B<NID_id_smime_ct_authEnvelopedData>. B<cipher> is the +symmetric AEAD cipher to use. Currently only AES variants with GCM mode are +supported. The library context I<libctx> and the property query I<propq> are +used when retrieving algorithms from providers. + The algorithm passed in the I<cipher> parameter must support ASN1 encoding of its parameters. @@ -30,21 +44,23 @@ L<CMS_add0_recipient_key(3)>. The B<CMS_ContentInfo> structure needs to be finalized using L<CMS_final(3)> and then freed using L<CMS_ContentInfo_free(3)>. -CMS_EnvelopedData_create() is similar to CMS_EnvelopedData_create_with_libctx() -but uses default values of NULL for the library context I<libctx> and the -property query I<propq>. +CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create are similar to +CMS_EnvelopedData_create_with_libctx() and +CMS_AuthEnvelopedData_create_with_libctx() but use default values of NULL for +the library context I<libctx> and the property query I<propq>. =head1 NOTES -Although CMS_EnvelopedData_create() allocates a new B<CMS_ContentInfo> -structure it is usually not used in applications. The wrappers -L<CMS_encrypt(3)> and L<CMS_decrypt(3)> are often used instead. +Although CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create() allocate +a new B<CMS_ContentInfo> structure, they are not usually used in applications. +The wrappers L<CMS_encrypt(3)> and L<CMS_decrypt(3)> are often used instead. =head1 RETURN VALUES -If the allocation fails, CMS_EnvelopedData_create() returns NULL and sets -an error code that can be obtained by L<ERR_get_error(3)>. -Otherwise it returns a pointer to the newly allocated structure. +If the allocation fails, CMS_EnvelopedData_create() and +CMS_AuthEnvelopedData_create() return NULL and set an error code that can be +obtained by L<ERR_get_error(3)>. Otherwise they return a pointer to the newly +allocated structure. =head1 SEE ALSO |