diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/X509_digest.3')
-rw-r--r-- | secure/lib/libcrypto/man/man3/X509_digest.3 | 54 |
1 files changed, 40 insertions, 14 deletions
diff --git a/secure/lib/libcrypto/man/man3/X509_digest.3 b/secure/lib/libcrypto/man/man3/X509_digest.3 index fdd6a70e10b4..73742b4fef0f 100644 --- a/secure/lib/libcrypto/man/man3/X509_digest.3 +++ b/secure/lib/libcrypto/man/man3/X509_digest.3 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40) +.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42) .\" .\" Standard preamble: .\" ======================================================================== @@ -68,8 +68,6 @@ . \} .\} .rr rF -.\" -.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ @@ -132,14 +130,21 @@ .rm #[ #] #H #V #F C .\" ======================================================================== .\" -.IX Title "X509_DIGEST 3" -.TH X509_DIGEST 3 "2022-07-05" "1.1.1q" "OpenSSL" +.IX Title "X509_DIGEST 3ossl" +.TH X509_DIGEST 3ossl "2023-09-19" "3.0.11" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" -X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_digest, PKCS7_ISSUER_AND_SERIAL_digest \&\- get digest of various objects +X509_digest, +X509_digest_sig, +X509_CRL_digest, +X509_pubkey_digest, +X509_NAME_digest, +X509_REQ_digest, +PKCS7_ISSUER_AND_SERIAL_digest +\&\- get digest of various objects .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 @@ -147,6 +152,8 @@ X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_dig \& \& int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, \& unsigned int *len); +\& ASN1_OCTET_STRING *X509_digest_sig(const X509 *cert, +\& EVP_MD **md_used, int *md_is_fallback); \& \& int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, \& unsigned int *len); @@ -168,27 +175,46 @@ X509_digest, X509_CRL_digest, X509_pubkey_digest, X509_NAME_digest, X509_REQ_dig .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" +\&\fBX509_digest_sig()\fR calculates a digest of the given certificate \fIcert\fR +using the same hash algorithm as in its signature, if the digest +is an integral part of the certificate signature algorithm identifier. +Otherwise, a fallback hash algorithm is determined as follows: +\&\s-1SHA512\s0 if the signature algorithm is \s-1ED25519, +SHAKE256\s0 if it is \s-1ED448,\s0 otherwise \s-1SHA256.\s0 +The output parameters are assigned as follows. +Unless \fImd_used\fR is \s-1NULL,\s0 the hash algorithm used is provided +in \fI*md_used\fR and must be freed by the caller (if it is not \s-1NULL\s0). +Unless \fImd_is_fallback\fR is \s-1NULL,\s0 +the \fI*md_is_fallback\fR is set to 1 if the hash algorithm used is a fallback, +otherwise to 0. +.PP \&\fBX509_pubkey_digest()\fR returns a digest of the \s-1DER\s0 representation of the public -key in the specified X509 \fBdata\fR object. +key in the specified X509 \fIdata\fR object. +.PP All other functions described here return a digest of the \s-1DER\s0 representation -of their entire \fBdata\fR objects. +of their entire \fIdata\fR objects. .PP -The \fBtype\fR parameter specifies the digest to -be used, such as \fBEVP_sha1()\fR. The \fBmd\fR is a pointer to the buffer where the +The \fItype\fR parameter specifies the digest to +be used, such as \fBEVP_sha1()\fR. The \fImd\fR is a pointer to the buffer where the digest will be copied and is assumed to be large enough; the constant -\&\fB\s-1EVP_MAX_MD_SIZE\s0\fR is suggested. The \fBlen\fR parameter, if not \s-1NULL,\s0 points +\&\fB\s-1EVP_MAX_MD_SIZE\s0\fR is suggested. The \fIlen\fR parameter, if not \s-1NULL,\s0 points to a place where the digest size will be stored. .SH "RETURN VALUES" .IX Header "RETURN VALUES" -All functions described here return 1 for success and 0 for failure. +\&\fBX509_digest_sig()\fR returns an \s-1ASN1_OCTET_STRING\s0 pointer on success, else \s-1NULL.\s0 +.PP +All other functions described here return 1 for success and 0 for failure. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fBEVP_sha1\fR\|(3) +.SH "HISTORY" +.IX Header "HISTORY" +The \fBX509_digest_sig()\fR function was added in OpenSSL 3.0. .SH "COPYRIGHT" .IX Header "COPYRIGHT" -Copyright 2017\-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2017\-2023 The OpenSSL Project Authors. All Rights Reserved. .PP -Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use +Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at <https://www.openssl.org/source/license.html>. |