2017-01-27 02:19:54 +00:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
2018-11-10 06:53:56 +00:00
|
|
|
SSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid,
|
|
|
|
SSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing
|
|
|
|
types
|
2017-01-27 02:19:54 +00:00
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/ssl.h>
|
|
|
|
|
|
|
|
int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid);
|
|
|
|
int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid);
|
2018-11-10 06:53:56 +00:00
|
|
|
int SSL_get_signature_nid(SSL *ssl, int *psig_nid);
|
|
|
|
int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid);
|
2017-01-27 02:19:54 +00:00
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
|
|
SSL_get_peer_signature_nid() sets B<*psig_nid> to the NID of the digest used
|
|
|
|
by the peer to sign TLS messages. It is implemented as a macro.
|
|
|
|
|
|
|
|
SSL_get_peer_signature_type_nid() sets B<*psigtype_nid> to the signature
|
|
|
|
type used by the peer to sign TLS messages. Currently the signature type
|
|
|
|
is the NID of the public key type used for signing except for PSS signing
|
2018-09-01 00:40:51 +00:00
|
|
|
where it is B<EVP_PKEY_RSA_PSS>. To differentiate between
|
|
|
|
B<rsa_pss_rsae_*> and B<rsa_pss_pss_*> signatures, it's necessary to check
|
|
|
|
the type of public key in the peer's certificate.
|
2017-01-27 02:19:54 +00:00
|
|
|
|
2018-11-10 06:53:56 +00:00
|
|
|
SSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent
|
|
|
|
information for the local end of the connection.
|
|
|
|
|
2017-01-27 02:19:54 +00:00
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
|
|
These functions return 1 for success and 0 for failure. There are several
|
2017-03-29 21:38:30 +00:00
|
|
|
possible reasons for failure: the cipher suite has no signature (e.g. it
|
2017-01-27 02:19:54 +00:00
|
|
|
uses RSA key exchange or is anonymous), the TLS version is below 1.2 or
|
2018-11-10 06:53:56 +00:00
|
|
|
the functions were called too early, e.g. before the peer signed a message.
|
2017-01-27 02:19:54 +00:00
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
|
|
L<ssl(7)>, L<SSL_get_peer_certificate(3)>,
|
|
|
|
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
|
2018-09-11 12:22:14 +00:00
|
|
|
Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
|
2017-01-27 02:19:54 +00:00
|
|
|
|
|
|
|
Licensed under the OpenSSL license (the "License"). You may not use
|
|
|
|
this file except in compliance with the License. You can obtain a copy
|
|
|
|
in the file LICENSE in the source distribution or at
|
|
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
|
|
|
|
=cut
|