diff options
Diffstat (limited to 'doc/man3/CMS_verify.pod')
| -rw-r--r-- | doc/man3/CMS_verify.pod | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/doc/man3/CMS_verify.pod b/doc/man3/CMS_verify.pod index 159c378b0e..ed289b1aff 100644 --- a/doc/man3/CMS_verify.pod +++ b/doc/man3/CMS_verify.pod @@ -66,10 +66,14 @@ from the content. If the content is not of type B<text/plain> then an error is returned. If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not -verified. +verified, unless CMS_CADES flag is also set. If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not -verified. +verified, unless CMS_CADES flag is also set. + +If B<CMS_CADES> is set, each signer certificate is checked against the +"ESS signing-certificate" extension added in the signed attributes of the +signature. If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked. @@ -122,7 +126,7 @@ L<ERR_get_error(3)>, L<CMS_sign(3)> =head1 COPYRIGHT -Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |