SSL_get_shared_sigalgs (3)
Leading comments
Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) Standard preamble: ========================================================================
NAME
SSL_get_shared_sigalgs, SSL_get_sigalgs - get supported signature algorithmsSYNOPSIS
#include <openssl/ssl.h> int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, int *phash, int *psignhash, unsigned char *rsig, unsigned char *rhash); int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, int *psignhash, unsigned char *rsig, unsigned char *rhash);
DESCRIPTION
SSL_get_shared_sigalgs() returns information about the shared signature algorithms supported by peer s. The parameter idx indicates the index of the shared signature algorithm to return starting from zero. The signature algorithmSSL_get_sigalgs() is similar to SSL_get_shared_sigalgs() except it returns information about all signature algorithms supported by s in the order they were sent by the peer.
RETURN VALUES
SSL_get_shared_sigalgs() and SSL_get_sigalgs() return the number of signature algorithms or 0 if the idx parameter is out of range.NOTES
These functions are typically called for debugging purposes (to report the peer's preferences) or where an application wants finer control over certificate selection. Most applications will rely on internal handling and will not need to call them.If an application is only interested in the highest preference shared signature algorithm it can just set idx to zero.
Any or all of the parameters psign, phash, psignhash, rsig or rhash can be set to
These functions must be called after the peer has sent a list of supported signature algorithms: after a client hello (for servers) or a certificate request (for clients). They can (for example) be called in the certificate callback.
Only
The shared signature algorithms returned by SSL_get_shared_sigalgs() are ordered according to configuration and peer preferences.
The raw values correspond to the on the wire form as defined by
If a signature algorithm is not recognised the corresponding NIDs will be set to NID_undef. This may be because the value is not supported or is not an appropriate combination (for example
SEE ALSO
SSL_CTX_set_cert_cb(3), ssl(3)COPYRIGHT
Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.Licensed under the OpenSSL license (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file