diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-03-12 19:45:40 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-03-18 07:03:53 +0100 |
commit | 63b64f19c13d59d68dc2e525f454aea62a739842 (patch) | |
tree | a0eb5a23182f4d056dcb435dadf4c96fb50e76c1 /doc/man3 | |
parent | bef876f97e26309ccd20f916cf1e5e305735ee98 (diff) |
TS and CMS CAdES-BES: Refactor check_signing_certs() funcs into common ESS func
Also constify related CMS/PKCS7 functions and improve error codes thrown.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14503)
Diffstat (limited to 'doc/man3')
-rw-r--r-- | doc/man3/CMS_verify.pod | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/man3/CMS_verify.pod b/doc/man3/CMS_verify.pod index d56540290f..89f50a2010 100644 --- a/doc/man3/CMS_verify.pod +++ b/doc/man3/CMS_verify.pod @@ -72,8 +72,8 @@ If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not verified, unless CMS_CADES flag is also set. If B<CMS_CADES> is set, each signer certificate is checked against the -"ESS signing-certificate" extension added in the signed attributes of the -signature. +ESS signingCertificate or ESS signingCertificateV2 extension +that is required in the signed attributes of the signature. If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked. |