From 075c048b99cefdce1245c13c4aa449b28ce8366c Mon Sep 17 00:00:00 2001
From: tb <>
Date: Wed, 28 Aug 2024 07:15:04 +0000
Subject: Implement X509_get_signature_info()

This is a slightly strange combination of OBJ_find_sigid_algs() and the
security level API necessary because OBJ_find_sigid_algs() on its own
isn't smart enough for the special needs of RSA-PSS and EdDSA.

The API extracts the hash's NID and the pubkey's NID from the certificate's
signatureAlgorithm and invokes special handlers for RSA-PSS and EdDSA
for retrieving the corresponding information. This isn't entirely free
for RSA-PSS, but for now we don't cache this information.

The security bits calculation is a bit hand-wavy, but that's something
that comes along with this sort of numerology.

ok jsing
---
 src/lib/libcrypto/Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/lib/libcrypto/Makefile')

diff --git a/src/lib/libcrypto/Makefile b/src/lib/libcrypto/Makefile
index 30c63be8e4..b4407d566c 100644
--- a/src/lib/libcrypto/Makefile
+++ b/src/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.202 2024/08/10 06:41:49 tb Exp $
+# $OpenBSD: Makefile,v 1.203 2024/08/28 07:15:04 tb Exp $
 
 LIB=	crypto
 LIBREBUILD=y
@@ -589,6 +589,7 @@ SRCS+= x509_purp.c
 SRCS+= x509_r2x.c
 SRCS+= x509_req.c
 SRCS+= x509_set.c
+SRCS+= x509_siginfo.c
 SRCS+= x509_skey.c
 SRCS+= x509_trs.c
 SRCS+= x509_txt.c
-- 
cgit v1.2.3-55-g6feb