Mini Shell

Direktori : /opt/cpnginx/quictls/share/man/man3/
Upload File :
Current File : //opt/cpnginx/quictls/share/man/man3/CMS_signed_get_attr_by_NID.3ossl

.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "CMS_SIGNED_GET_ATTR 3ossl"
.TH CMS_SIGNED_GET_ATTR 3ossl "2024-09-03" "3.1.7+quic" "OpenSSL"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
CMS_signed_get_attr_count,
CMS_signed_get_attr_by_NID, CMS_signed_get_attr_by_OBJ, CMS_signed_get_attr,
CMS_signed_delete_attr,
CMS_signed_add1_attr, CMS_signed_add1_attr_by_OBJ,
CMS_signed_add1_attr_by_NID, CMS_signed_add1_attr_by_txt,
CMS_signed_get0_data_by_OBJ,
CMS_unsigned_get_attr_count,
CMS_unsigned_get_attr_by_NID, CMS_unsigned_get_attr_by_OBJ,
CMS_unsigned_get_attr, CMS_unsigned_delete_attr,
CMS_unsigned_add1_attr, CMS_unsigned_add1_attr_by_OBJ,
CMS_unsigned_add1_attr_by_NID, CMS_unsigned_add1_attr_by_txt,
CMS_unsigned_get0_data_by_OBJ
\&\- CMS signed and unsigned attribute functions
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/cms.h>
\&
\& int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
\& int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
\&                                int lastpos);
\& int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
\&                                int lastpos);
\& X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
\& X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
\& int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
\& int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
\&                                 const ASN1_OBJECT *obj, int type,
\&                                 const void *bytes, int len);
\& int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
\&                                 int nid, int type,
\&                                 const void *bytes, int len);
\& int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
\&                                 const char *attrname, int type,
\&                                 const void *bytes, int len);
\& void *CMS_signed_get0_data_by_OBJ(const CMS_SignerInfo *si,
\&                                   const ASN1_OBJECT *oid,
\&                                   int lastpos, int type);
\&
\& int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
\& int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
\&                                  int lastpos);
\& int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
\&                                  const ASN1_OBJECT *obj, int lastpos);
\& X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
\& X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
\& int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
\& int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
\&                                   const ASN1_OBJECT *obj, int type,
\&                                   const void *bytes, int len);
\& int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
\&                                   int nid, int type,
\&                                   const void *bytes, int len);
\& int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
\&                                   const char *attrname, int type,
\&                                   const void *bytes, int len);
\& void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
\&                                     int lastpos, int type);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
CMS_signerInfo contains separate attribute lists for signed and unsigned
attributes. Each \fBCMS_signed_XXX()\fR function is used for signed attributes, and
each \fBCMS_unsigned_XXX()\fR function is used for unsigned attributes.
Since the \fBCMS_unsigned_XXX()\fR functions work in the same way as the
\&\fBCMS_signed_XXX()\fR equivalents, only the \fBCMS_signed_XXX()\fR functions are
described below.
.PP
\&\fBCMS_signed_get_attr_by_OBJ()\fR finds the location of the first matching object
\&\fIobj\fR in the SignerInfo's \fIsi\fR signed attribute list. The search starts at the
position after \fIlastpos\fR. If the returned value is positive then it can be used
on the next call to \fBCMS_signed_get_attr_by_OBJ()\fR as the value of \fIlastpos\fR in
order to iterate through the remaining attributes. \fIlastpos\fR can be set to any
negative value on the first call, in order to start searching from the start of
the signed attribute list.
.PP
\&\fBCMS_signed_get_attr_by_NID()\fR is similar to \fBCMS_signed_get_attr_by_OBJ()\fR except
that it passes the numerical identifier (\s-1NID\s0) \fInid\fR associated with the object.
See <openssl/obj_mac.h> for a list of NID_*.
.PP
\&\fBCMS_signed_get_attr()\fR returns the \fBX509_ATTRIBUTE\fR object at index \fIloc\fR in the
\&\fIsi\fR signed attribute list. \fIloc\fR should be in the range from 0 to
\&\fBCMS_signed_get_attr_count()\fR \- 1.
.PP
\&\fBCMS_signed_delete_attr()\fR removes the \fBX509_ATTRIBUTE\fR object at index \fIloc\fR in
the \fIsi\fR signed attribute list. An error occurs if the \fIsi\fR attribute list
is \s-1NULL.\s0
.PP
\&\fBCMS_signed_add1_attr()\fR pushes a copy of the passed in \fBX509_ATTRIBUTE\fR object
to the \fIsi\fR signed attribute list. A new signed attribute list is created if
required. An error occurs if \fIattr\fR is \s-1NULL.\s0
.PP
\&\fBCMS_signed_add1_attr_by_OBJ()\fR creates a new signed \fBX509_ATTRIBUTE\fR using
\&\fBX509_ATTRIBUTE_set1_object()\fR and \fBX509_ATTRIBUTE_set1_data()\fR to assign a new
\&\fIobj\fR with type \fItype\fR and data \fIbytes\fR of length \fIlen\fR and then pushes it
to the \fIkey\fR object's attribute list.
.PP
\&\fBCMS_signed_add1_attr_by_NID()\fR is similar to \fBCMS_signed_add1_attr_by_OBJ()\fR except
that it passes the numerical identifier (\s-1NID\s0) \fInid\fR associated with the object.
See <openssl/obj_mac.h> for a list of NID_*.
.PP
\&\fBCMS_signed_add1_attr_by_txt()\fR is similar to \fBCMS_signed_add1_attr_by_OBJ()\fR
except that it passes a name \fIattrname\fR associated with the object.
See <openssl/obj_mac.h> for a list of SN_* names.
.PP
\&\fBCMS_signed_get0_data_by_OBJ()\fR finds the first attribute in a \fIsi\fR signed
attributes list that matches the \fIobj\fR starting at index \fIlastpos\fR
and returns the data retrieved from the found attributes first \fB\s-1ASN1_TYPE\s0\fR
object. An error will occur if the attribute type \fItype\fR does not match the
type of the \fB\s-1ASN1_TYPE\s0\fR object \s-1OR\s0 if \fItype\fR is either \fBV_ASN1_BOOLEAN\fR or
\&\fBV_ASN1_NULL\fR \s-1OR\s0 the attribute is not found.
If \fIlastpos\fR is less than \-1 then an error will occur if there are multiple
objects in the signed attribute list that match \fIobj\fR.
If \fIlastpos\fR is less than \-2 then an error will occur if there is more than
one \fB\s-1ASN1_TYPE\s0\fR object in the found signed attribute.
.PP
Refer to \fBX509_ATTRIBUTE\fR\|(3) for information related to attributes.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
The \fBCMS_unsigned_XXX()\fR functions return values are similar to those of the
equivalent \fBCMS_signed_XXX()\fR functions.
.PP
\&\fBCMS_signed_get_attr_count()\fR returns the number of signed attributes in the
SignerInfo \fIsi\fR, or \-1 if the signed attribute list is \s-1NULL.\s0
.PP
\&\fBCMS_signed_get_attr_by_OBJ()\fR returns \-1 if either the signed attribute list of
\&\fIsi\fR is empty \s-1OR\s0 if \fIobj\fR is not found, otherwise it returns the location of
the \fIobj\fR in the SignerInfo's \fIsi\fR signed attribute list.
.PP
\&\fBCMS_signed_get_attr_by_NID()\fR is similar to \fBCMS_signed_get_attr_by_OBJ()\fR except
that it returns \-2 if the \fInid\fR is not known by OpenSSL.
.PP
\&\fBCMS_signed_get_attr()\fR returns either a signed \fBX509_ATTRIBUTE\fR or \s-1NULL\s0 on error.
.PP
\&\fBCMS_signed_delete_attr()\fR returns either the removed signed \fBX509_ATTRIBUTE\fR or
\&\s-1NULL\s0 if there is a error.
.PP
\&\fBCMS_signed_add1_attr()\fR, \fBCMS_signed_add1_attr_by_OBJ()\fR,
\&\fBCMS_signed_add1_attr_by_NID()\fR, \fBCMS_signed_add1_attr_by_txt()\fR,
return 1 on success or 0 on error.
.PP
\&\fBCMS_signed_get0_data_by_OBJ()\fR returns the data retrieved from the found
signed attributes first \fB\s-1ASN1_TYPE\s0\fR object, or \s-1NULL\s0 if an error occurs.
.SH "NOTES"
.IX Header "NOTES"
Some attributes are added automatically during the signing process.
.PP
Calling \fBCMS_SignerInfo_sign()\fR adds the NID_pkcs9_signingTime signed
attribute.
.PP
Calling \fBCMS_final()\fR, \fBCMS_final_digest()\fR or \fBCMS_dataFinal()\fR adds the
NID_pkcs9_messageDigest signed attribute.
.PP
The NID_pkcs9_contentType signed attribute is always added if the
NID_pkcs9_signingTime attribute is added.
.PP
Calling \fBCMS_sign_ex()\fR, \fBCMS_sign_receipt()\fR or \fBCMS_add1_signer()\fR may add
attributes depending on the flags parameter. See \fBCMS_add1_signer\fR\|(3) for
more information.
.PP
OpenSSL applies special rules for the following attribute NIDs:
.IP "\s-1CMS\s0 Signed Attributes" 4
.IX Item "CMS Signed Attributes"
NID_pkcs9_contentType
NID_pkcs9_messageDigest
NID_pkcs9_signingTime
.IP "\s-1ESS\s0 Signed Attributes" 4
.IX Item "ESS Signed Attributes"
NID_id_smime_aa_signingCertificate
NID_id_smime_aa_signingCertificateV2
NID_id_smime_aa_receiptRequest
.IP "\s-1CMS\s0 Unsigned Attributes" 4
.IX Item "CMS Unsigned Attributes"
NID_pkcs9_countersignature
.PP
\&\fBCMS_signed_add1_attr()\fR, \fBCMS_signed_add1_attr_by_OBJ()\fR,
\&\fBCMS_signed_add1_attr_by_NID()\fR, \fBCMS_signed_add1_attr_by_txt()\fR
and the equivalent \fBCMS_unsigned_add1_attrXXX()\fR functions allow
duplicate attributes to be added. The attribute rules are not checked
during these function calls, and are deferred until the sign or verify process
(i.e. during calls to any of \fBCMS_sign_ex()\fR, \fBCMS_sign()\fR, \fBCMS_sign_receipt()\fR,
\&\fBCMS_add1_signer()\fR, \fBCMS_Final()\fR, \fBCMS_dataFinal()\fR, \fBCMS_final_digest()\fR,
\&\fBCMS_verify()\fR, \fBCMS_verify_receipt()\fR or \fBCMS_SignedData_verify()\fR).
.PP
For \s-1CMS\s0 attribute rules see \s-1RFC 5652\s0 Section 11.
For \s-1ESS\s0 attribute rules see \s-1RFC 2634\s0 Section 1.3.4 and \s-1RFC 5035\s0 Section 5.4.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBX509_ATTRIBUTE\fR\|(3)
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2023\-2024 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the \*(L"License\*(R").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file \s-1LICENSE\s0 in the source distribution or at
<https://www.openssl.org/source/license.html>.

Zerion Mini Shell 1.0