| 1 | =pod
|
|---|
| 2 |
|
|---|
| 3 | =head1 NAME
|
|---|
| 4 |
|
|---|
| 5 | CMS_EncryptedData_decrypt, CMS_EnvelopedData_decrypt
|
|---|
| 6 | - Decrypt CMS EncryptedData or EnvelopedData
|
|---|
| 7 |
|
|---|
| 8 | =head1 SYNOPSIS
|
|---|
| 9 |
|
|---|
| 10 | #include <openssl/cms.h>
|
|---|
| 11 |
|
|---|
| 12 | int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
|
|---|
| 13 | const unsigned char *key, size_t keylen,
|
|---|
| 14 | BIO *dcont, BIO *out, unsigned int flags);
|
|---|
| 15 |
|
|---|
| 16 | BIO *CMS_EnvelopedData_decrypt(CMS_EnvelopedData *env, BIO *detached_data,
|
|---|
| 17 | EVP_PKEY *pkey, X509 *cert,
|
|---|
| 18 | ASN1_OCTET_STRING *secret, unsigned int flags,
|
|---|
| 19 | OSSL_LIB_CTX *libctx, const char *propq);
|
|---|
| 20 |
|
|---|
| 21 | =head1 DESCRIPTION
|
|---|
| 22 |
|
|---|
| 23 | CMS_EncryptedData_decrypt() decrypts a I<cms> EncryptedData object using the
|
|---|
| 24 | symmetric I<key> of size I<keylen> bytes. I<out> is a BIO to write the content
|
|---|
| 25 | to and I<flags> is an optional set of flags.
|
|---|
| 26 | I<dcont> is used in the rare case where the encrypted content is detached. It
|
|---|
| 27 | will normally be set to NULL.
|
|---|
| 28 |
|
|---|
| 29 | The following flags can be passed in the I<flags> parameter.
|
|---|
| 30 |
|
|---|
| 31 | If the B<CMS_TEXT> flag is set MIME headers for type C<text/plain> are deleted
|
|---|
| 32 | from the content. If the content is not of type C<text/plain> then an error is
|
|---|
| 33 | returned.
|
|---|
| 34 |
|
|---|
| 35 | CMS_EnvelopedData_decrypt() decrypts, similarly to CMS_decrypt(3),
|
|---|
| 36 | a CMS EnvelopedData object I<env> using the symmetric key I<secret> if it
|
|---|
| 37 | is not NULL, otherwise the private key of the recipient I<pkey>.
|
|---|
| 38 | If I<pkey> is given, it is recommended to provide also the associated
|
|---|
| 39 | certificate in I<cert> - see L<CMS_decrypt(3)> and the NOTES on I<cert> there.
|
|---|
| 40 | The optional parameters I<flags> and I<dcont> are used as described above.
|
|---|
| 41 | The optional parameters library context I<libctx> and property query I<propq>
|
|---|
| 42 | are used when retrieving algorithms from providers.
|
|---|
| 43 |
|
|---|
| 44 | =head1 RETURN VALUES
|
|---|
| 45 |
|
|---|
| 46 | CMS_EncryptedData_decrypt() returns 0 if an error occurred otherwise returns 1.
|
|---|
| 47 |
|
|---|
| 48 | CMS_EnvelopedData_decrypt() returns NULL if an error occurred,
|
|---|
| 49 | otherwise a BIO containing the decypted content.
|
|---|
| 50 |
|
|---|
| 51 | =head1 SEE ALSO
|
|---|
| 52 |
|
|---|
| 53 | L<ERR_get_error(3)>, L<CMS_EncryptedData_encrypt(3)>, L<CMS_decrypt(3)>
|
|---|
| 54 |
|
|---|
| 55 | =head1 HISTORY
|
|---|
| 56 |
|
|---|
| 57 | CMS_EnvelopedData_decrypt() was added in OpenSSL 3.2.
|
|---|
| 58 |
|
|---|
| 59 | =head1 COPYRIGHT
|
|---|
| 60 |
|
|---|
| 61 | Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 62 |
|
|---|
| 63 | Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 64 | this file except in compliance with the License. You can obtain a copy
|
|---|
| 65 | in the file LICENSE in the source distribution or at
|
|---|
| 66 | L<https://www.openssl.org/source/license.html>.
|
|---|
| 67 |
|
|---|
| 68 | =cut
|
|---|
