diff options
Diffstat (limited to 'doc/man3/CMS_verify.pod')
| -rw-r--r-- | doc/man3/CMS_verify.pod | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/doc/man3/CMS_verify.pod b/doc/man3/CMS_verify.pod index d7a423c30b29..70c8eb212d6b 100644 --- a/doc/man3/CMS_verify.pod +++ b/doc/man3/CMS_verify.pod @@ -74,10 +74,14 @@ from the content. If the content is not of type B<text/plain> then an error is returned. If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not -chain verified. +chain verified, unless B<CMS_CADES> flag is also set. If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not -verified. +verified, unless CMS_CADES flag is also set. + +If B<CMS_CADES> is set, each signer certificate is checked against the +ESS signingCertificate or ESS signingCertificateV2 extension +that is required in the signed attributes of the signature. If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked. @@ -133,7 +137,7 @@ L<ERR_get_error(3)>, L<CMS_sign(3)> Copyright 2008-2022 The OpenSSL Project Authors. All Rights Reserved. -Licensed under the OpenSSL license (the "License"). You may not use +Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at L<https://www.openssl.org/source/license.html>. |