Lines Matching refs:I
19 It verifies a PKCS#7 signedData structure given in I<p7>.
20 The optional I<certs> parameter refers to a set of certificates
24 I<p7> may contain extra untrusted CA certificates that may be used for
26 I<store> may be NULL or point to
28 I<indata> refers to the signed data if the content is detached from I<p7>.
29 Otherwise I<indata> should be NULL, and then the signed data must be in I<p7>.
30 The content is written to the BIO I<out> unless it is NULL.
31 I<flags> is an optional set of flags, which can be used to modify the operation.
33 PKCS7_get0_signers() retrieves the signer's certificates from I<p7>, it does
34 B<not> check their validity or whether any signatures are valid. The I<certs>
35 and I<flags> parameters have the same meanings as in PKCS7_verify().
41 Initially some sanity checks are performed on I<p7>. The type of I<p7> must
43 the content is detached I<indata> cannot be NULL. If the content is
44 not detached and I<indata> is not NULL then the structure has both
51 the I<certs> parameter (if it is not NULL). Then they are looked up in any
52 certificates contained in the I<p7> structure unless B<PKCS7_NOINTERN> is set.
56 using the trusted certificate store I<store> if supplied.
60 If CRL checking is enabled in I<store> and B<PKCS7_NOCRL> is not set,
62 are used in addition to attempting to look them up in I<store>.
63 If I<store> is not NULL and any chain verify fails an error code is returned.
65 Finally the signed content is read (and written to I<out> unless it is NULL)
70 Any of the following flags (ored together) can be passed in the I<flags>
76 This means that all the signer's certificates must be in the I<certs> parameter.
78 If B<PKCS7_NOCRL> is set and CRL checking is enabled in I<store> then any
97 in the I<certs> parameter. In this case if the signer's certificate is not one
98 of the certificates supplied in I<certs> then the verify will fail because the
104 useful if one merely wishes to write the content to I<out> and its validity
