OpenBSD manual page server

Manual Page Search Parameters

D2I_X509_SIG(3) Library Functions Manual D2I_X509_SIG(3)

d2i_X509_SIG, i2d_X509_SIG, d2i_PKCS8_bio, i2d_PKCS8_bio, d2i_PKCS8_fp, i2d_PKCS8_fpdecode and encode PKCS#7 digest information

#include <openssl/x509.h>

X509_SIG *
d2i_X509_SIG(X509_SIG **val_out, unsigned char **der_in, long length);

i2d_X509_SIG(X509_SIG *val_in, unsigned char **der_out);

X509_SIG *
d2i_PKCS8_bio(BIO *in_bio, X509_SIG **val_out);

i2d_PKCS8_bio(BIO *out_bio, X509_SIG *val_in);

X509_SIG *
d2i_PKCS8_fp(FILE *in_fp, X509_SIG **val_out);

i2d_PKCS8_fp(FILE *out_fp, X509_SIG *val_in);

() and () decode and encode an ASN.1 DigestInfo structure defined in RFC 2315 section 9.4 and equivalently in RFC 8017 section 9.2. For details about the semantics, examples, caveats, and bugs, see ASN1_item_d2i(3).

() and () are similar to d2i_X509_SIG() except that they read from a BIO or FILE pointer.

() and () are similar to i2d_X509_SIG() except that they write to a BIO or FILE pointer.

d2i_X509_SIG(), d2i_PKCS8_bio(), and d2i_PKCS8_fp() return a X509_SIG object or NULL if an error occurs.

i2d_X509_SIG() returns the number of bytes successfully encoded or a negative value if an error occurs.

i2d_PKCS8_bio() and i2d_PKCS8_fp() return 1 for success or 0 if an error occurs.

ASN1_item_d2i(3), PKCS7_new(3), RSA_sign(3), X509_SIG_new(3)

RFC 2315: PKCS #7: Cryptographic Message Syntax, section 9: Signed-data content type

RFC 8017: PKCS #1: RSA Cryptography Specifications, section 9: Encoding Methods for Signatures

d2i_PKCS8_bio(), i2d_PKCS8_bio(), d2i_PKCS8_fp(), and i2d_PKCS8_fp() are severely misnamed and should have been called “d2i_X509_SIG_bio” and so on.

Or arguably, the X509_SIG object is misnamed itself, considering that it represents DigestInfo from PKCS#7 and PKCS#1. Then again, calling it “PKCS8” instead clearly isn't an improvement.

Either way, these names just don't fit.

December 28, 2016 OpenBSD-6.2