X509_get0_distinguishing_id.3ossl - Man Page

get or set the Distinguishing ID for certificate operations

Synopsis

 #include <openssl/x509.h>

 ASN1_OCTET_STRING *X509_get0_distinguishing_id(X509 *x);
 void X509_set0_distinguishing_id(X509 *x, ASN1_OCTET_STRING *distid);
 ASN1_OCTET_STRING *X509_REQ_get0_distinguishing_id(X509_REQ *x);
 void X509_REQ_set0_distinguishing_id(X509_REQ *x, ASN1_OCTET_STRING *distid);

Description

The Distinguishing ID is defined in FIPS 196 as follows:

Distinguishing identifier: Information which unambiguously distinguishes an entity in the authentication process.

The SM2 signature algorithm requires a Distinguishing ID value when generating and verifying a signature, but the Ddistinguishing ID may also find other uses. In the context of SM2, the Distinguishing ID is often referred to as the "SM2 ID".

For the purpose off verifying a certificate or a certification request, a Distinguishing ID may be attached to it, so functions like X509_verify(3) or X509_REQ_verify(3) have easy access to that identity for signature verification.

X509_get0_distinguishing_id() gets the Distinguishing ID value of a certificate x by returning an ASN1_OCTET_STRING object which should not be freed by the caller.

X509_set0_distinguishing_id() assigns distid to the certificate x. Calling this function transfers the memory management of the value to the X509 object, and therefore the value that has been passed in should not be freed by the caller after this function has been called.

X509_REQ_get0_distinguishing_id() and X509_REQ_set0_distinguishing_id() have the same functionality as X509_get0_distinguishing_id() and X509_set0_distinguishing_id() except that they deal with X509_REQ objects instead of X509.

X509_get0_distinguishing_id.3ossl - Man Page

Synopsis

Description

Return Values

See Also

Copyright

Referenced By