]>
Commit | Line | Data |
---|---|---|
a593cffe DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
a51c9f63 VD |
5 | SSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid, |
6 | SSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing | |
7 | types | |
a593cffe DSH |
8 | |
9 | =head1 SYNOPSIS | |
10 | ||
11 | #include <openssl/ssl.h> | |
12 | ||
13 | int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid); | |
14 | int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid); | |
a51c9f63 VD |
15 | int SSL_get_signature_nid(SSL *ssl, int *psig_nid); |
16 | int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid); | |
a593cffe DSH |
17 | |
18 | =head1 DESCRIPTION | |
19 | ||
20 | SSL_get_peer_signature_nid() sets B<*psig_nid> to the NID of the digest used | |
21 | by the peer to sign TLS messages. It is implemented as a macro. | |
22 | ||
23 | SSL_get_peer_signature_type_nid() sets B<*psigtype_nid> to the signature | |
24 | type used by the peer to sign TLS messages. Currently the signature type | |
25 | is the NID of the public key type used for signing except for PSS signing | |
322755cc HK |
26 | where it is B<EVP_PKEY_RSA_PSS>. To differentiate between |
27 | B<rsa_pss_rsae_*> and B<rsa_pss_pss_*> signatures, it's necessary to check | |
28 | the type of public key in the peer's certificate. | |
a593cffe | 29 | |
a51c9f63 VD |
30 | SSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent |
31 | information for the local end of the connection. | |
32 | ||
a593cffe DSH |
33 | =head1 RETURN VALUES |
34 | ||
35 | These functions return 1 for success and 0 for failure. There are several | |
c4de074e | 36 | possible reasons for failure: the cipher suite has no signature (e.g. it |
a593cffe | 37 | uses RSA key exchange or is anonymous), the TLS version is below 1.2 or |
a51c9f63 | 38 | the functions were called too early, e.g. before the peer signed a message. |
a593cffe DSH |
39 | |
40 | =head1 SEE ALSO | |
41 | ||
42 | L<ssl(7)>, L<SSL_get_peer_certificate(3)>, | |
43 | ||
44 | =head1 COPYRIGHT | |
45 | ||
1212818e | 46 | Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. |
a593cffe | 47 | |
4746f25a | 48 | Licensed under the Apache License 2.0 (the "License"). You may not use |
a593cffe DSH |
49 | this file except in compliance with the License. You can obtain a copy |
50 | in the file LICENSE in the source distribution or at | |
51 | L<https://www.openssl.org/source/license.html>. | |
52 | ||
53 | =cut |