NAME
SMIME_write_PKCS7
—
convert PKCS#7 structure to S/MIME
format
SYNOPSIS
/* -lcrypto */
#include <openssl/pkcs7.h>
int
SMIME_write_PKCS7
(BIO *out,
PKCS7 *p7, BIO *data,
int flags);
DESCRIPTION
SMIME_write_PKCS7
()
generates an S/MIME message on out by writing MIME 1.0
headers followed by a BER- and base64-encoded serialization of
p7. The BER encoding uses the DER format except as
described for PKCS7_STREAM
below. If streaming is
enabled, then the content must be supplied in the data
argument.
The flags can be the logical OR of zero or more of the following bits:
PKCS7_DETACHED
- Use cleartext signing and generate a "multipart/signed" S/MIME
message. The content is read from data. If
data is a
NULL
pointer, this flag is ignored.This flag is only supported for signedData where
PKCS7_DETACHED
is also set when PKCS7_sign(3) is called.If
PKCS7_STREAM
is not set, the data must be read twice: once to compute the signature in PKCS7_sign(3) and once to output the S/MIME message.If
PKCS7_DETACHED
is ignored or not specified, the smime-type is chosen according to the type of p7:NID_pkcs7_enveloped
- "enveloped-data"
NID_pkcs7_signed
-
- "signed-data"
- if p7 specifies any digest algorithm
- "certs-only"
- otherwise
NID_id_smime_ct_compressedData
- "compressed-data"
PKCS7_REUSE_DIGEST
- Skip the calls to
PKCS7_dataInit(3) and
PKCS7_dataFinal(3). This flag has no effect unless
PKCS7_DETACHED
is also set. PKCS7_STREAM
- Perform streaming by reading the content from data.
This only works if
PKCS7_DETACHED
is not specified.This flag should only be set if
PKCS7_STREAM
was also set in the previous call to PKCS7_sign(3) or PKCS7_encrypt(3).The content is output in BER format using indefinite length constructed encoding except in the case of signed data with detached content where the content is absent and DER format is used.
PKCS7_TEXT
- Prepend the line "Content-Type: text/plain" to the content. This
only makes sense if
PKCS7_DETACHED
is also set. It is ignored if the flagSMIME_BINARY
is also set. SMIME_BINARY
- If specified, this flag is passed through to SMIME_crlf_copy(3).
SMIME_CRLFEOL
- End MIME header lines with pairs of carriage return and newline characters. By default, no carriage return characters are written and header lines are ended with newline characters only.
SMIME_OLDMIME
- If this bit is set in the flags argument, "application/pkcs7-mime" or "application/pkcs7-signature" is used in Content-Type headers. Otherwise, "application/x-pkcs7-mime" or "application/x-pkcs7-signature" is used.
RETURN VALUES
SMIME_write_PKCS7
() is intended to return
1 on success or 0 on failure.
SEE ALSO
BIO_f_base64(3), BIO_new(3), i2d_PKCS7_bio_stream(3), PEM_write_bio_PKCS7_stream(3), PEM_write_PKCS7(3), PKCS7_final(3), PKCS7_new(3), SMIME_crlf_copy(3), SMIME_read_PKCS7(3), SMIME_write_CMS(3)
HISTORY
SMIME_write_PKCS7
() first appeared in
OpenSSL 0.9.5 and has been available since OpenBSD
2.7.
BUGS
SMIME_write_PKCS7
() ignores most errors
and is likely to return 1 even after producing corrupt or incomplete
output.
SMIME_write_PKCS7
() always base64 encodes
PKCS#7 structures. There should be an option to disable this.