NAME

CMS_add1_signer, CMS_SignerInfo_sign — add a signer to a CMS SignedData structure

SYNOPSIS

#include <openssl/cms.h> CMS_SignerInfo *
CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags); int
CMS_SignerInfo_sign(CMS_SignerInfo *si);

DESCRIPTION

CMS_add1_signer() adds a signer with certificate signcert and private key pkey using message digest md to the signerInfos field of the SignedData structure cms, which should have been obtained from an initial call to CMS_sign(3) with the flag CMS_PARTIAL set, or which can be a valid SignedData structure in the case of re-signing. If md is NULL, the default digest for the public key algorithm of pkey is used. Unless the CMS_REUSE_DIGEST flag is set, the cms structure remains incomplete and must be finalized either by streaming (if applicable) or by a call to CMS_final(3). The main purpose of CMS_add1_signer() is to provide finer control over a CMS SignedData structure where the simpler CMS_sign(3) function defaults are not appropriate, for example if multiple signers or non default digest algorithms are needed. New attributes can also be added using the returned CMS_SignerInfo structure and the CMS attribute utility functions or the CMS signed receipt request functions. Any of the following flags (OR'ed together) can be passed in the flags parameter:

CMS_REUSE_DIGEST

Attempt to copy the content digest value from one of the existing CMS_SignerInfo structures in cms while adding another signer. An error occurs if a matching digest value cannot be found to copy. The cms structure will be valid and finalized when this flag is set.

CMS_PARTIAL

If this flag is set in addition to CMS_REUSE_DIGEST, the returned CMS_SignerInfo structure will not be finalized so additional attributes can be added. In this case an explicit call to CMS_SignerInfo_sign() is needed to finalize it.

CMS_NOCERTS

Do not add the signer's certificate to the certificates field of cms. The signer's certificate must still be supplied in the signcert parameter though. This flag can reduce the size of the signature if the signer's certificate can be obtained by other means, for example from a previously signed message.

CMS_NOATTR

Leave the signedAttrs field of the returned CMS_SignedData structure empty. By default, several CMS SignedAttributes are added, including the signing time, the CMS content type, and the supported list of ciphers in an SMIMECapabilities attribute.

CMS_NOSMIMECAP

Omit just the SMIMECapabilities attribute.

CMS_USE_KEYID

Use the subject key identifier value to identify signing certificates. An error occurs if the signing certificate does not have a subject key identifier extension. By default, issuer name and serial number are used instead.

If present, the SMIMECapabilities attribute indicates support for the following algorithms in preference order: 256-bit AES, 192-bit AES, 128-bit AES, triple DES, 128-bit RC2, 64-bit RC2, DES and 40-bit RC2. If any of these algorithms is not available then it will not be included. The CMS_SignerInfo_sign() function explicitly signs si. Its main use is when the CMS_REUSE_DIGEST and CMS_PARTIAL flags were both set in the call to CMS_add1_signer() that created si.

RETURN VALUES

CMS_add1_signer() returns an internal pointer to the new CMS_SignerInfo structure just added or NULL if an error occurs.

SEE ALSO

CMS_ContentInfo_new(3), CMS_final(3), CMS_sign(3), ERR_get_error(3)

STANDARDS

RFC 5652: Cryptographic Message Syntax, section 5.1: SignedData Type RFC 8419: Use of Edwards-Curve Digital Signature Algorithm (EdDSA) Signatures in the Cryptographic Message Syntax (CMS) RFC 8551: Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification

• section 2.5: Attributes and the SignerInfo Type
• section 2.5.2: SMIMECapabilities Attribute

HISTORY

CMS_add1_signer() and CMS_SignerInfo_sign() first appeared in OpenSSL 0.9.8h and have been available since OpenBSD 6.7.