path: root/doc/crypto/PKCS7_decrypt.pod
diff options
authorJung-uk Kim <jkim@FreeBSD.org>2018-09-13 19:18:07 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-09-13 19:18:07 +0000
commita43ce912fc025d11e1395506111f75fc194d7ba5 (patch)
tree9794cf7720d75938ed0ea4f499c0dcd4b6eacdda /doc/crypto/PKCS7_decrypt.pod
parent02be298e504b8554caca6dc85af450e1ea44d19d (diff)
Import OpenSSL 1.1.1.vendor/openssl/1.1.1
Notes: svn path=/vendor-crypto/openssl/dist/; revision=338658 svn path=/vendor-crypto/openssl/1.1.1/; revision=338659; tag=vendor/openssl/1.1.1
Diffstat (limited to 'doc/crypto/PKCS7_decrypt.pod')
1 files changed, 0 insertions, 55 deletions
diff --git a/doc/crypto/PKCS7_decrypt.pod b/doc/crypto/PKCS7_decrypt.pod
deleted file mode 100644
index 325699d0b6d4..000000000000
--- a/doc/crypto/PKCS7_decrypt.pod
+++ /dev/null
@@ -1,55 +0,0 @@
-=head1 NAME
-PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
-=head1 SYNOPSIS
- #include <openssl/pkcs7.h>
- int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-PKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData
-structure. B<pkey> is the private key of the recipient, B<cert> is the
-recipients certificate, B<data> is a BIO to write the content to and
-B<flags> is an optional set of flags.
-=head1 NOTES
-OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
-function or errors about unknown algorithms will occur.
-Although the recipients certificate is not needed to decrypt the data it is needed
-to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
-The following flags can be passed in the B<flags> parameter.
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
-from the content. If the content is not of type B<text/plain> then an error is
-PKCS7_decrypt() returns either 1 for success or 0 for failure.
-The error can be obtained from ERR_get_error(3)
-=head1 BUGS
-PKCS7_decrypt() must be passed the correct recipient key and certificate. It would
-be better if it could look up the correct key and certificate from a database.
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-=head1 SEE ALSO
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-=head1 HISTORY
-PKCS7_decrypt() was added to OpenSSL 0.9.5