Provide X509_CRL_get0_tbs_sigalg()

X509_CRL_get0_tbs_sigalg() corresponds to X509_get0_tbs_sigalg() and
retrieves the AlgorithmIdentifier inside the TBSCertList which is not
currently accessible in any sane way from public API.

This PR adds X509_get0_tbs_sigalg() to the public API, documents it,
adds a simple regress check so there is coverage and mentions the
addition in CHANGES.md.

On top of that, fix a typo in .gitignore and clean up some order
inconsistencies in X509_get0_signature.pod.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27971)

.gitignore

@@ -93,7 +93,7 @@ providers/implementations/ciphers/ciphercommon.c
 providers/implementations/ciphers/ciphercommon_ccm.c
 providers/implementations/ciphers/ciphercommon_gcm.c
 providers/implementations/ciphers/cipher_chacha20_poly1305.c
-providers/implementations/digest/digestcommon.c
+providers/implementations/digests/digestcommon.c
 
 # error code files
 /crypto/err/openssl.txt.old

CHANGES.md

@@ -117,6 +117,11 @@ OpenSSL 3.6
 
    *Dimitri John Ledkov*
 
+ * Add X509_CRL_get0_tbs_sigalg() accessor for the signature AlgorithmIdentifier
+   inside a CRL's TBSCertList.
+
+   *Theo Buehler*
+
  * HKDF with (SHA-256, SHA-384, SHA-512) has assigned OIDs. Added ability to load
    HKDF configured with these explicit digests by name or OID.
 

crypto/x509/x509cset.c

@@ -125,6 +125,11 @@ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl)
     return crl->crl.revoked;
 }
 
+const X509_ALGOR *X509_CRL_get0_tbs_sigalg(const X509_CRL *crl)
+{
+    return &crl->crl.sig_alg;
+}
+
 void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
                              const X509_ALGOR **palg)
 {

doc/man3/X509_get0_signature.pod

@@ -5,9 +5,10 @@
 X509_get0_signature, X509_REQ_set0_signature, X509_REQ_set1_signature_algo,
 X509_get_signature_nid, X509_get0_tbs_sigalg, X509_REQ_get0_signature,
 X509_REQ_get_signature_nid, X509_CRL_get0_signature, X509_CRL_get_signature_nid,
+X509_CRL_get0_tbs_sigalg, X509_get_signature_info,
+X509_SIG_INFO_get, X509_SIG_INFO_set,
 X509_ACERT_get0_signature, X509_ACERT_get0_info_sigalg,
-X509_ACERT_get_signature_nid, X509_get_signature_info,
-X509_SIG_INFO_get, X509_SIG_INFO_set - signature information
+X509_ACERT_get_signature_nid - signature information
 
 =head1 SYNOPSIS
 
@@ -32,6 +33,7 @@ X509_SIG_INFO_get, X509_SIG_INFO_set - signature information
                               const ASN1_BIT_STRING **psig,
                               const X509_ALGOR **palg);
  int X509_CRL_get_signature_nid(const X509_CRL *crl);
+ const X509_ALGOR *X509_CRL_get0_tbs_sigalg(const X509_crl *crl);
 
  int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
                              uint32_t *flags);
@@ -56,8 +58,8 @@ pointers which B<MUST NOT> be freed up after the call.
 X509_set0_signature() and X509_REQ_set1_signature_algo() are the
 equivalent setters for the two values of X509_get0_signature().
 
-X509_get0_tbs_sigalg() returns the signature algorithm in the signed
-portion of B<x>.
+X509_get0_tbs_sigalg() and X509_CRL_get0_tbs_sigalg() return the signature
+algorithm in the signed portion of the certificate or CRL.
 
 X509_get_signature_nid() returns the NID corresponding to the signature
 algorithm of B<x>.
@@ -66,10 +68,6 @@ X509_REQ_get0_signature(), X509_REQ_get_signature_nid()
 X509_CRL_get0_signature() and X509_CRL_get_signature_nid() perform the
 same function for certificate requests and CRLs.
 
-X509_ACERT_get0_signature(), X509_ACERT_get_signature_nid() and
-X509_ACERT_get0_info_sigalg() perform the same function for attribute
-certificates.
-
 X509_get_signature_info() retrieves information about the signature of
 certificate B<x>. The NID of the signing digest is written to B<*mdnid>,
 the public key algorithm to B<*pknid>, the effective security bits to
@@ -82,6 +80,10 @@ used by implementations of algorithms which need to set custom
 signature information: most applications will never need to call
 them.
 
+X509_ACERT_get0_signature(), X509_ACERT_get_signature_nid() and
+X509_ACERT_get0_info_sigalg() perform the same function for attribute
+certificates.
+
 =head1 NOTES
 
 These functions provide lower level access to signatures in certificates
@@ -147,6 +149,8 @@ were added in OpenSSL 1.1.1e.
 The X509_ACERT_get0_signature(), X509_ACERT_get0_info_sigalg() and
 X509_ACERT_get_signature_nid() functions were added in OpenSSL 3.4.
 
+The X509_CRL_get0_tbs_sigalg() function was added in OpenSSL 3.6.
+
 =head1 COPYRIGHT
 
 Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.

include/openssl/x509.h.in

@@ -761,6 +761,7 @@ OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
 X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
 const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
 STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
+const X509_ALGOR *X509_CRL_get0_tbs_sigalg(const X509_CRL *crl);
 void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
                              const X509_ALGOR **palg);
 int X509_CRL_get_signature_nid(const X509_CRL *crl);

test/crltest.c

@@ -335,6 +335,7 @@ static int test_basic_crl(void)
 {
     X509_CRL *basic_crl = CRL_from_strings(kBasicCRL);
     X509_CRL *revoked_crl = CRL_from_strings(kRevokedCRL);
+    const X509_ALGOR *alg = NULL, *tbsalg;
     int r;
 
     r = TEST_ptr(basic_crl)
@@ -345,6 +346,14 @@ static int test_basic_crl(void)
         && TEST_int_eq(verify(test_leaf, test_root,
                               make_CRL_stack(basic_crl, revoked_crl),
                               X509_V_FLAG_CRL_CHECK), X509_V_ERR_CERT_REVOKED);
+    if (r) {
+        X509_CRL_get0_signature(basic_crl, NULL, &alg);
+        tbsalg = X509_CRL_get0_tbs_sigalg(basic_crl);
+        r = TEST_ptr(alg)
+            && TEST_ptr(tbsalg)
+            && TEST_int_eq(X509_ALGOR_cmp(alg, tbsalg), 0);
+    }
+
     X509_CRL_free(basic_crl);
     X509_CRL_free(revoked_crl);
     return r;

util/libcrypto.num

@@ -5929,3 +5929,4 @@ OPENSSL_sk_set_thunks                   ?	3_6_0	EXIST::FUNCTION:
 i2d_PKCS8PrivateKey                     ?	3_6_0	EXIST::FUNCTION:
 OSSL_PARAM_set_octet_string_or_ptr      ?	3_6_0	EXIST::FUNCTION:
 OSSL_STORE_LOADER_settable_ctx_params   ?	3_6_0	EXIST::FUNCTION:
+X509_CRL_get0_tbs_sigalg                ?	3_6_0	EXIST::FUNCTION: