gnutls_pkcs7_sign — API function

Synopsis

#include <gnutls/pkcs7.h>

int gnutls_pkcs7_sign(gnutls_pkcs7_t pkcs7, gnutls_x509_crt_t signer, gnutls_privkey_t signer_key, const gnutls_datum_t * data, gnutls_pkcs7_attrs_t signed_attrs, gnutls_pkcs7_attrs_t unsigned_attrs, gnutls_digest_algorithm_t dig, unsigned flags);

Arguments

gnutls_pkcs7_t pkcs7

should contain a gnutls_pkcs7_t type

gnutls_x509_crt_t signer

the certificate to sign the structure

gnutls_privkey_t signer_key

the key to sign the structure

const gnutls_datum_t * data

The data to be signed or NULL if the data are already embedded

gnutls_pkcs7_attrs_t signed_attrs

Any additional attributes to be included in the signed ones (or NULL)

gnutls_pkcs7_attrs_t unsigned_attrs

Any additional attributes to be included in the unsigned ones (or NULL)

gnutls_digest_algorithm_t dig

The digest algorithm to use for signing

unsigned flags

Should be zero or one of GNUTLS_PKCS7 flags

Description

This function will add a signature in the provided PKCS 7 structure for the provided data. Multiple signatures can be made with different signers.

The available flags are: GNUTLS_PKCS7_EMBED_DATA, GNUTLS_PKCS7_INCLUDE_TIME, GNUTLS_PKCS7_INCLUDE_CERT, and GNUTLS_PKCS7_WRITE_SPKI. They are explained in the gnutls_pkcs7_sign_flags definition.

Returns

On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Since

3.4.2

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.6.9 gnutls