Clarify docs.

[oweals/openssl.git] / doc / crypto / PKCS7_encrypt.pod

diff --git a/doc/crypto/PKCS7_encrypt.pod b/doc/crypto/PKCS7_encrypt.pod
index c2597a2b15440290fe64271028332e12f62651fa..7e67f9576ab48da0dd42298d9f4b0fa7f7c05f68 100644 (file)
--- a/doc/crypto/PKCS7_encrypt.pod
+++ b/doc/crypto/PKCS7_encrypt.pod
@@ -6,7 +6,9 @@ PKCS7_encrypt - create a PKCS#7 envelopedData structure
 
 =head1 SYNOPSIS
 
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
 
 =head1 DESCRIPTION
 
@@ -29,6 +31,11 @@ RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() respecti
 The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its
 parameters. 
 
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME 
+envelopedData containing an S/MIME signed message. This can be readily produced
+by storing the S/MIME signed message in a memory BIO and passing it to
+PKCS7_encrypt().
+
 The following flags can be passed in the B<flags> parameter.
 
 If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended