OpenBSD manual page server

Manual Page Search Parameters
SMIME_WRITE_PKCS7(3) Library Functions Manual SMIME_WRITE_PKCS7(3)

SMIME_write_PKCS7convert PKCS#7 structure to S/MIME format

#include <openssl/pkcs7.h>

int
SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);

() adds the appropriate MIME headers to a PKCS#7 structure to produce an S/MIME message.

out is the BIO to write the data to. p7 is the appropriate PKCS7 structure. If streaming is enabled, then the content must be supplied in the data argument. flags is an optional set of flags.

The following flags can be passed in the flags parameter.

If PKCS7_DETACHED is set, then cleartext signing will be used. This option only makes sense for signedData where PKCS7_DETACHED is also set when PKCS7_sign(3) is also called.

If the PKCS7_TEXT flag is set, MIME headers for type are added to the content. This only makes sense if PKCS7_DETACHED is also set.

If the PKCS7_STREAM flag is set, streaming is performed. This flag should only be set if PKCS7_STREAM was also set in the previous call to PKCS7_sign(3) or PKCS7_encrypt(3).

The bit SMIME_OLDMIME is inverted before passing on the flags to SMIME_write_ASN1(3). Consequently, if this bit is set in the flags argument, "application/pkcs7-mime" or "application/pkcs7-signature" is used in Content-Type headers. Otherwise, "application/x-pkcs7-mime" or "application/x-pkcs7-signature" is used.

If cleartext signing is being used and PKCS7_STREAM is not set, then the data must be read twice: once to compute the signature in PKCS7_sign(3) and once to output the S/MIME message.

If streaming is performed, the content is output in BER format using indefinite length constructed encoding except in the case of signed data with detached content where the content is absent and DER format is used.

Upon successful completion, 1 is returned; otherwise 0 is returned and an error code can be retrieved with ERR_get_error(3).

i2d_PKCS7_bio_stream(3), PEM_write_bio_PKCS7_stream(3), PEM_write_PKCS7(3), PKCS7_final(3), PKCS7_new(3), SMIME_read_PKCS7(3), SMIME_write_ASN1(3)

SMIME_write_PKCS7() first appeared in OpenSSL 0.9.5 and has been available since OpenBSD 2.7.

SMIME_write_PKCS7() always base64 encodes PKCS#7 structures. There should be an option to disable this.

December 14, 2021 OpenBSD-current