diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-11-13 11:00:10 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-11-13 11:00:10 +0100 |
commit | a01919e802b3cba98f20340cea1718351a16e93d (patch) | |
tree | 139ac791c3bc3fa907a5ac7a52ff71d40172946e /doc/cha-crypto.texi | |
parent | 801425e96a8a57094934da6e48bfa441e051af98 (diff) | |
download | gnutls-a01919e802b3cba98f20340cea1718351a16e93d.tar.gz |
Added documentation on PKCS #7 signing
Diffstat (limited to 'doc/cha-crypto.texi')
-rw-r--r-- | doc/cha-crypto.texi | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/cha-crypto.texi b/doc/cha-crypto.texi index ebe4331915..3e640c2dd2 100644 --- a/doc/cha-crypto.texi +++ b/doc/cha-crypto.texi @@ -44,6 +44,35 @@ accessed using the abstract key API in @ref{Abstract key types}. This is a high level API with the advantage of transparently handling keys in memory and keys present in smart cards. +@subsection PKCS #7 signing +@cindex PKCS #7 +@cindex file signing + +The PKCS #7 format is common format used for digital signatures. It allows to sign +by embedding the data into the signature, or creating detached signatures of the data, +including a timestamp, additional certificates etc. In certain cases this format is also +used to transport lists of certificates and CRLs. + +The basic functions to initialize, deinitialize, import, export or print information +about a PKCS #7 structure are shown below. +@showfuncE{gnutls_pkcs7_init,gnutls_pkcs7_deinit,gnutls_pkcs7_export2,gnutls_pkcs7_import,gnutls_pkcs7_print} + +The following functions allow the verification of a structure using either a trust list, or +individual certificates. The @funcref{gnutls_pkcs7_sign} function is the data signing function. + +@showfuncB{gnutls_pkcs7_verify_direct,gnutls_pkcs7_verify} +@showfuncdesc{gnutls_pkcs7_sign} + +@showenumdesc{gnutls_pkcs7_sign_flags,Flags applicable to gnutls_pkcs7_sign()} + +Other helper functions which allow to access the signatures, or certificates attached +in the structure are listed below. + +@showfuncF{gnutls_pkcs7_get_signature_count,gnutls_pkcs7_get_signature_info,gnutls_pkcs7_get_crt_count,gnutls_pkcs7_get_crt_raw2,gnutls_pkcs7_get_crl_count,gnutls_pkcs7_get_crl_raw2} + +To append certificates, or CRLs in the structure the following functions are provided. +@showfuncD{gnutls_pkcs7_set_crt_raw,gnutls_pkcs7_set_crt,gnutls_pkcs7_set_crl_raw,gnutls_pkcs7_set_crl} + @node Hash and HMAC functions @section Hash and HMAC functions @cindex hash functions |