| 1 | =pod
|
|---|
| 2 |
|
|---|
| 3 | =head1 NAME
|
|---|
| 4 |
|
|---|
| 5 | EVP_PKEY_get_default_digest_nid, EVP_PKEY_get_default_digest_name
|
|---|
| 6 | - get default signature digest
|
|---|
| 7 |
|
|---|
| 8 | =head1 SYNOPSIS
|
|---|
| 9 |
|
|---|
| 10 | #include <openssl/evp.h>
|
|---|
| 11 |
|
|---|
| 12 | int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey,
|
|---|
| 13 | char *mdname, size_t mdname_sz);
|
|---|
| 14 | int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
|
|---|
| 15 |
|
|---|
| 16 | =head1 DESCRIPTION
|
|---|
| 17 |
|
|---|
| 18 | EVP_PKEY_get_default_digest_name() fills in the default message digest
|
|---|
| 19 | name for the public key signature operations associated with key
|
|---|
| 20 | I<pkey> into I<mdname>, up to at most I<mdname_sz> bytes including the
|
|---|
| 21 | ending NUL byte. The name could be C<"UNDEF">, signifying that a digest
|
|---|
| 22 | must (for return value 2) or may (for return value 1) be left unspecified.
|
|---|
| 23 |
|
|---|
| 24 | EVP_PKEY_get_default_digest_nid() sets I<pnid> to the default message
|
|---|
| 25 | digest NID for the public key signature operations associated with key
|
|---|
| 26 | I<pkey>. Note that some signature algorithms (i.e. Ed25519 and Ed448)
|
|---|
| 27 | do not use a digest during signing. In this case I<pnid> will be set
|
|---|
| 28 | to NID_undef. This function is only reliable for legacy keys, which
|
|---|
| 29 | are keys with a B<EVP_PKEY_ASN1_METHOD>; these keys have typically
|
|---|
| 30 | been loaded from engines, or created with L<EVP_PKEY_assign_RSA(3)> or
|
|---|
| 31 | similar.
|
|---|
| 32 |
|
|---|
| 33 | =head1 NOTES
|
|---|
| 34 |
|
|---|
| 35 | For all current standard OpenSSL public key algorithms SHA256 is returned.
|
|---|
| 36 |
|
|---|
| 37 | =head1 RETURN VALUES
|
|---|
| 38 |
|
|---|
| 39 | EVP_PKEY_get_default_digest_name() and EVP_PKEY_get_default_digest_nid()
|
|---|
| 40 | both return 1 if the message digest is advisory (that is other digests
|
|---|
| 41 | can be used) and 2 if it is mandatory (other digests can not be used).
|
|---|
| 42 | They return 0 or a negative value for failure. In particular a return
|
|---|
| 43 | value of -2 indicates the operation is not supported by the public key
|
|---|
| 44 | algorithm.
|
|---|
| 45 |
|
|---|
| 46 | =head1 SEE ALSO
|
|---|
| 47 |
|
|---|
| 48 | L<EVP_PKEY_CTX_new(3)>,
|
|---|
| 49 | L<EVP_PKEY_sign(3)>,
|
|---|
| 50 | L<EVP_PKEY_digestsign_supports_digest(3)>,
|
|---|
| 51 | L<EVP_PKEY_verify(3)>,
|
|---|
| 52 | L<EVP_PKEY_verify_recover(3)>,
|
|---|
| 53 |
|
|---|
| 54 | =head1 HISTORY
|
|---|
| 55 |
|
|---|
| 56 | This function was added in OpenSSL 1.0.0.
|
|---|
| 57 |
|
|---|
| 58 | =head1 COPYRIGHT
|
|---|
| 59 |
|
|---|
| 60 | Copyright 2006-2023 The OpenSSL Project Authors. All Rights Reserved.
|
|---|
| 61 |
|
|---|
| 62 | Licensed under the Apache License 2.0 (the "License"). You may not use
|
|---|
| 63 | this file except in compliance with the License. You can obtain a copy
|
|---|
| 64 | in the file LICENSE in the source distribution or at
|
|---|
| 65 | L<https://www.openssl.org/source/license.html>.
|
|---|
| 66 |
|
|---|
| 67 | =cut
|
|---|
