X509_get0_signature.3ssl man page

X509_get0_signature, X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature, X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid — signature information


 #include <openssl/x509.h>

 void X509_get0_signature(const ASN1_BIT_STRING **psig,
                          const X509_ALGOR **palg,
                          const X509 *x);
 int X509_get_signature_nid(const X509 *x);
 const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x);

 void X509_REQ_get0_signature(const X509_REQ *crl,
                              const ASN1_BIT_STRING **psig,
                              const X509_ALGOR **palg);
 int X509_REQ_get_signature_nid(const X509_REQ *crl);

 void X509_CRL_get0_signature(const X509_CRL *crl,
                              const ASN1_BIT_STRING **psig,
                              const X509_ALGOR **palg);
 int X509_CRL_get_signature_nid(const X509_CRL *crl);


X509_get0_signature() sets *psig to the signature of x and *palg to the signature algorithm of x. The values returned are internal pointers which MUST NOT be freed up after the call.

X509_get0_tbs_sigalg() returns the signature algorithm in the signed portion of x.

X509_get_signature_nid() returns the NID corresponding to the signature algorithm of x.

X509_REQ_get0_signature(), X509_REQ_get_signature_nid() X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the same function for certificate requests and CRLs.


These functions provide lower level access to signatures in certificates where an application wishes to analyse or generate a signature in a form where X509_sign() et al is not appropriate (for example a non standard or unsupported format).

Return Values

X509_get_signature_nid(), X509_REQ_get_signature_nid() and X509_CRL_get_signature_nid() return a NID.

X509_get0_signature(), X509_REQ_get0_signature() and X509_CRL_get0_signature() do not return values.

See Also

d2i_X509(3), ERR_get_error(3), X509_CRL_get0_by_serial(3), X509_get_ext_d2i(3), X509_get_extension_flags(3), X509_get_pubkey(3), X509_get_subject_name(3), X509_get_version(3), X509_NAME_add_entry_by_txt(3), X509_NAME_ENTRY_get_object(3), X509_NAME_get_index_by_NID(3), X509_NAME_print_ex(3), X509_new(3), X509_sign(3), X509V3_get_d2i(3), X509_verify_cert(3)


X509_get0_signature() and X509_get_signature_nid() were first added to OpenSSL 1.0.2.

X509_REQ_get0_signature(), X509_REQ_get_signature_nid(), X509_CRL_get0_signature() and X509_CRL_get_signature_nid() were first added to OpenSSL 1.1.0.


2017-03-06 1.1.0e OpenSSL