105901b04Schristos=pod 205901b04Schristos 305901b04Schristos=head1 NAME 405901b04Schristos 5b02ec1eeSchristosSSL_get_peer_signature_nid, SSL_get_peer_signature_type_nid, 6b02ec1eeSchristosSSL_get_signature_nid, SSL_get_signature_type_nid - get TLS message signing 7b02ec1eeSchristostypes 805901b04Schristos 905901b04Schristos=head1 SYNOPSIS 1005901b04Schristos 1105901b04Schristos #include <openssl/ssl.h> 1205901b04Schristos 1305901b04Schristos int SSL_get_peer_signature_nid(SSL *ssl, int *psig_nid); 1405901b04Schristos int SSL_get_peer_signature_type_nid(const SSL *ssl, int *psigtype_nid); 15b02ec1eeSchristos int SSL_get_signature_nid(SSL *ssl, int *psig_nid); 16b02ec1eeSchristos int SSL_get_signature_type_nid(const SSL *ssl, int *psigtype_nid); 1705901b04Schristos 1805901b04Schristos=head1 DESCRIPTION 1905901b04Schristos 2005901b04SchristosSSL_get_peer_signature_nid() sets B<*psig_nid> to the NID of the digest used 2105901b04Schristosby the peer to sign TLS messages. It is implemented as a macro. 2205901b04Schristos 2305901b04SchristosSSL_get_peer_signature_type_nid() sets B<*psigtype_nid> to the signature 2405901b04Schristostype used by the peer to sign TLS messages. Currently the signature type 2505901b04Schristosis the NID of the public key type used for signing except for PSS signing 2605901b04Schristoswhere it is B<EVP_PKEY_RSA_PSS>. To differentiate between 2705901b04SchristosB<rsa_pss_rsae_*> and B<rsa_pss_pss_*> signatures, it's necessary to check 2805901b04Schristosthe type of public key in the peer's certificate. 2905901b04Schristos 30b02ec1eeSchristosSSL_get_signature_nid() and SSL_get_signature_type_nid() return the equivalent 31b02ec1eeSchristosinformation for the local end of the connection. 32b02ec1eeSchristos 3305901b04Schristos=head1 RETURN VALUES 3405901b04Schristos 3505901b04SchristosThese functions return 1 for success and 0 for failure. There are several 3605901b04Schristospossible reasons for failure: the cipher suite has no signature (e.g. it 3705901b04Schristosuses RSA key exchange or is anonymous), the TLS version is below 1.2 or 38b02ec1eeSchristosthe functions were called too early, e.g. before the peer signed a message. 3905901b04Schristos 4005901b04Schristos=head1 SEE ALSO 4105901b04Schristos 4205901b04SchristosL<ssl(7)>, L<SSL_get_peer_certificate(3)>, 4305901b04Schristos 4405901b04Schristos=head1 COPYRIGHT 4505901b04Schristos 4605901b04SchristosCopyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. 4705901b04Schristos 48*66bae5e7SchristosLicensed under the Apache License 2.0 (the "License"). You may not use 4905901b04Schristosthis file except in compliance with the License. You can obtain a copy 5005901b04Schristosin the file LICENSE in the source distribution or at 5105901b04SchristosL<https://www.openssl.org/source/license.html>. 5205901b04Schristos 5305901b04Schristos=cut 54