OpenBSD manual page server

NAME

X509_get0_signature, X509_REQ_get0_signature, X509_CRL_get0_signature, X509_get0_tbs_sigalg, X509_CRL_get0_tbs_sigalg, X509_get_signature_type, X509_get_signature_nid, X509_REQ_get_signature_nid, X509_CRL_get_signature_nid — signature information

SYNOPSIS

#include <openssl/x509.h>

void
X509_get0_signature(const ASN1_BIT_STRING **psig, const X509_ALGOR **palg, const X509 *x);

void
X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg);

void
X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg);

const X509_ALGOR *
X509_get0_tbs_sigalg(const X509 *x);

const X509_ALGOR *
X509_CRL_get0_tbs_sigalg(const X509_CRL *crl);

int
X509_get_signature_type(const X509 *x);

int
X509_get_signature_nid(const X509 *x);

int
X509_REQ_get_signature_nid(const X509_REQ *req);

int
X509_CRL_get_signature_nid(const X509_CRL *crl);

DESCRIPTION

X509_get0_signature(), X509_REQ_get0_signature(), and X509_CRL_get0_signature() set *psig to the signature and *palg to the signature algorithm of x, req, or crl, respectively. X509_get0_tbs_sigalg() and X509_CRL_get0_tbs_sigalg() return the signature algorithm in the signed portion of x or crl, respectively. The values returned are internal pointers that must not be freed by the caller.

X509_get_signature_type() returns the base NID corresponding to the signature algorithm of x just like EVP_PKEY_base_id(3) does.

X509_get_signature_nid(), X509_REQ_get_signature_nid(), and X509_CRL_get_signature_nid() return the NID corresponding to the signature algorithm of x, req, or crl, respectively, just like EVP_PKEY_id(3) does.

These functions provide lower level access to the signature for cases where an application wishes to analyse or generate a signature in a form where X509_sign(3) is not appropriate, for example in a non-standard or unsupported format.

SEE ALSO

EVP_PKEY_base_id(3), OBJ_obj2nid(3), X509_ALGOR_new(3), X509_CRL_get0_by_serial(3), X509_CRL_new(3), X509_get_pubkey(3), X509_get_subject_name(3), X509_get_version(3), X509_new(3), X509_REQ_new(3), X509_sign(3), X509_signature_dump(3), X509_verify_cert(3)

HISTORY

X509_get_signature_type() first appeared in SSLeay 0.8.0 and has been available since OpenBSD 2.4.

X509_get0_signature() and X509_get_signature_nid() first appeared in OpenSSL 1.0.2. X509_REQ_get0_signature(), X509_CRL_get0_signature(), X509_get0_tbs_sigalg(), X509_REQ_get_signature_nid(), and X509_CRL_get_signature_nid() first appeared in OpenSSL 1.1.0. All these functions have been available since OpenBSD 6.3.

X509_CRL_get0_tbs_sigalg() first appeared in LibreSSL 3.7.1 and has been available since OpenBSD 7.3.