ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Import OpenSSL 1.1.0f

Browse Source
This commit is contained in:
Steve Dower
2017-09-07 16:27:43 -07:00
committed by Steve Dower
parent ccd3ab4aff
commit f4b81cb7c9
3340 changed files with 325158 additions and 557542 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
doc/crypto/PKCS7_sign.pod
View File

@@ -13,9 +13,9 @@ PKCS7_sign - create a PKCS#7 signedData structure
=head1 DESCRIPTION
PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
the certificate to sign with, B<pkey> is the corresponsding private key.
the certificate to sign with, B<pkey> is the corresponding private key.
B<certs> is an optional additional set of certificates to include in the PKCS#7
structure (for example any intermediate CAs in the chain).
structure (for example any intermediate CAs in the chain).
The data to be signed is read from BIO B<data>.
@@ -80,13 +80,13 @@ BIO_new_PKCS7().
If a signer is specified it will use the default digest for the signing
algorithm. This is B<SHA1> for both RSA and DSA keys.
In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
The B<certs>, B<signcert> and B<pkey> parameters can all be
B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
using the function PKCS7_sign_add_signer(). PKCS7_final() must also be
called to finalize the structure if streaming is not enabled. Alternative
signing digests can also be specified using this method.
In OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
If B<signcert> and B<pkey> are NULL then a certificates only
PKCS#7 structure is output.
In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
@@ -103,14 +103,22 @@ occurred. The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
L<ERR_get_error(3)>, L<PKCS7_verify(3)>
=head1 HISTORY
PKCS7_sign() was added to OpenSSL 0.9.5
The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
and B<pkey> parameters to be B<NULL> to be was added in OpenSSL 1.0.0
The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
=head1 COPYRIGHT
Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut