gnutls_pkcs7_sign — API function
Synopsis
#include <gnutls/pkcs7.h>
int gnutls_pkcs7_sign(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t signer, gnutls_privkey_t signer_key, const gnutls_datum_t * data, gnutls_pkcs7_attrs_t signed_attrs, gnutls_pkcs7_attrs_t unsigned_attrs, gnutls_digest_algorithm_t dig, unsigned flags);
Arguments
- gnutls_pkcs7_t pkcs7
should contain a gnutls_pkcs7_t type
- gnutls_x509_crt_t signer
the certificate to sign the structure
- gnutls_privkey_t signer_key
the key to sign the structure
- const gnutls_datum_t * data
The data to be signed or NULL if the data are already embedded
- gnutls_pkcs7_attrs_t signed_attrs
Any additional attributes to be included in the signed ones (or NULL)
- gnutls_pkcs7_attrs_t unsigned_attrs
Any additional attributes to be included in the unsigned ones (or NULL)
- gnutls_digest_algorithm_t dig
The digest algorithm to use for signing
- unsigned flags
Should be zero or one of GNUTLS_PKCS7 flags
Description
This function will add a signature in the provided PKCS 7 structure for the provided data. Multiple signatures can be made with different signers.
The available flags are: GNUTLS_PKCS7_EMBED_DATA, GNUTLS_PKCS7_INCLUDE_TIME, GNUTLS_PKCS7_INCLUDE_CERT, and GNUTLS_PKCS7_WRITE_SPKI. They are explained in the gnutls_pkcs7_sign_flags definition.
Returns
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
Since
3.4.2
Reporting Bugs
Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org
Copyright
Copyright © 2001-2019 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
See Also
The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit