1.\" $OpenBSD: X509_get0_signature.3,v 1.8 2023/03/16 12:01:47 job Exp $ 2.\" selective merge up to: 3.\" OpenSSL man3/X509_get0_signature 2f7a2520 Apr 25 17:28:08 2017 +0100 4.\" 5.\" This file is a derived work. 6.\" The changes are covered by the following Copyright and license: 7.\" 8.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org> 9.\" 10.\" Permission to use, copy, modify, and distribute this software for any 11.\" purpose with or without fee is hereby granted, provided that the above 12.\" copyright notice and this permission notice appear in all copies. 13.\" 14.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 15.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 16.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 17.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 18.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 19.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 20.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 21.\" 22.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>. 23.\" Copyright (c) 2015 The OpenSSL Project. All rights reserved. 24.\" 25.\" Redistribution and use in source and binary forms, with or without 26.\" modification, are permitted provided that the following conditions 27.\" are met: 28.\" 29.\" 1. Redistributions of source code must retain the above copyright 30.\" notice, this list of conditions and the following disclaimer. 31.\" 32.\" 2. Redistributions in binary form must reproduce the above copyright 33.\" notice, this list of conditions and the following disclaimer in 34.\" the documentation and/or other materials provided with the 35.\" distribution. 36.\" 37.\" 3. All advertising materials mentioning features or use of this 38.\" software must display the following acknowledgment: 39.\" "This product includes software developed by the OpenSSL Project 40.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 41.\" 42.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 43.\" endorse or promote products derived from this software without 44.\" prior written permission. For written permission, please contact 45.\" openssl-core@openssl.org. 46.\" 47.\" 5. Products derived from this software may not be called "OpenSSL" 48.\" nor may "OpenSSL" appear in their names without prior written 49.\" permission of the OpenSSL Project. 50.\" 51.\" 6. Redistributions of any form whatsoever must retain the following 52.\" acknowledgment: 53.\" "This product includes software developed by the OpenSSL Project 54.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" 55.\" 56.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 57.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 59.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 60.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 61.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 62.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 63.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 64.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 65.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 66.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 67.\" OF THE POSSIBILITY OF SUCH DAMAGE. 68.\" 69.Dd $Mdocdate: March 16 2023 $ 70.Dt X509_GET0_SIGNATURE 3 71.Os 72.Sh NAME 73.Nm X509_get0_signature , 74.Nm X509_REQ_get0_signature , 75.Nm X509_CRL_get0_signature , 76.Nm X509_get0_tbs_sigalg , 77.Nm X509_CRL_get0_tbs_sigalg , 78.Nm X509_get_signature_type , 79.Nm X509_get_signature_nid , 80.Nm X509_REQ_get_signature_nid , 81.Nm X509_CRL_get_signature_nid 82.Nd signature information 83.Sh SYNOPSIS 84.In openssl/x509.h 85.Ft void 86.Fo X509_get0_signature 87.Fa "const ASN1_BIT_STRING **psig" 88.Fa "const X509_ALGOR **palg" 89.Fa "const X509 *x" 90.Fc 91.Ft void 92.Fo X509_REQ_get0_signature 93.Fa "const X509_REQ *req" 94.Fa "const ASN1_BIT_STRING **psig" 95.Fa "const X509_ALGOR **palg" 96.Fc 97.Ft void 98.Fo X509_CRL_get0_signature 99.Fa "const X509_CRL *crl" 100.Fa "const ASN1_BIT_STRING **psig" 101.Fa "const X509_ALGOR **palg" 102.Fc 103.Ft const X509_ALGOR * 104.Fo X509_get0_tbs_sigalg 105.Fa "const X509 *x" 106.Fc 107.Ft const X509_ALGOR * 108.Fo X509_CRL_get0_tbs_sigalg 109.Fa "const X509_CRL *crl" 110.Fc 111.Ft int 112.Fo X509_get_signature_type 113.Fa "const X509 *x" 114.Fc 115.Ft int 116.Fo X509_get_signature_nid 117.Fa "const X509 *x" 118.Fc 119.Ft int 120.Fo X509_REQ_get_signature_nid 121.Fa "const X509_REQ *req" 122.Fc 123.Ft int 124.Fo X509_CRL_get_signature_nid 125.Fa "const X509_CRL *crl" 126.Fc 127.Sh DESCRIPTION 128.Fn X509_get0_signature , 129.Fn X509_REQ_get0_signature , 130and 131.Fn X509_CRL_get0_signature 132set 133.Pf * Fa psig 134to the signature and 135.Pf * Fa palg 136to the signature algorithm of 137.Fa x , 138.Fa req , 139or 140.Fa crl , 141respectively. 142.Fn X509_get0_tbs_sigalg 143and 144.Fn X509_CRL_get0_tbs_sigalg 145return the signature algorithm in the signed portion of 146.Fa x 147or 148.Fa crl , 149respectively. 150The values returned are internal pointers 151that must not be freed by the caller. 152.Pp 153.Fn X509_get_signature_type 154returns the base NID corresponding to the signature algorithm of 155.Fa x 156just like 157.Xr EVP_PKEY_base_id 3 158does. 159.Pp 160.Fn X509_get_signature_nid , 161.Fn X509_REQ_get_signature_nid , 162and 163.Fn X509_CRL_get_signature_nid 164return the NID corresponding to the signature algorithm of 165.Fa x , 166.Fa req , 167or 168.Fa crl , 169respectively, just like 170.Xr EVP_PKEY_id 3 171does. 172.Pp 173These functions provide lower level access to the signature 174for cases where an application wishes to analyse or generate a 175signature in a form where 176.Xr X509_sign 3 177is not appropriate, for example in a non-standard or unsupported format. 178.Sh SEE ALSO 179.Xr EVP_PKEY_base_id 3 , 180.Xr OBJ_obj2nid 3 , 181.Xr X509_ALGOR_new 3 , 182.Xr X509_CRL_get0_by_serial 3 , 183.Xr X509_CRL_new 3 , 184.Xr X509_get_pubkey 3 , 185.Xr X509_get_subject_name 3 , 186.Xr X509_get_version 3 , 187.Xr X509_new 3 , 188.Xr X509_REQ_new 3 , 189.Xr X509_sign 3 , 190.Xr X509_signature_dump 3 , 191.Xr X509_verify_cert 3 192.Sh HISTORY 193.Fn X509_get_signature_type 194first appeared in SSLeay 0.8.0 and has been available since 195.Ox 2.4 . 196.Pp 197.Fn X509_get0_signature 198and 199.Fn X509_get_signature_nid 200first appeared in OpenSSL 1.0.2. 201.Fn X509_REQ_get0_signature , 202.Fn X509_CRL_get0_signature , 203.Fn X509_get0_tbs_sigalg , 204.Fn X509_REQ_get_signature_nid , 205and 206.Fn X509_CRL_get_signature_nid 207first appeared in OpenSSL 1.1.0. 208All these functions have been available since 209.Ox 6.3 . 210.Pp 211.Fn X509_CRL_get0_tbs_sigalg 212first appeared in LibreSSL 3.7.1 and has been available since 213.Ox 7.3 . 214