X509_digest_sig: Handle RSA-PSS and EDDSA certificates

Identify digest from sigalg params for RSA-PSS and fallback to SHA-256 for EDDSA. Fixes #15477 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/15618)
author: Tomas Mraz <tomas@openssl.org> 2021-06-04 13:56:41 +0200
committer: Tomas Mraz <tomas@openssl.org> 2021-06-08 09:20:15 +0200
commit: fccf3dcef42f12b0ac2b1ab8979125a2511dc271 (patch)
tree: 83d268c68251556aadfcd184aaf19ab5cbf2d93f /doc
parent: 09345c8cab01d0030234a001c7b2d64eac1e75ae (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/man3/X509_digest.pod b/doc/man3/X509_digest.pod
index 36af772cc7..5d6167934d 100644
--- a/doc/man3/X509_digest.pod
+++ b/doc/man3/X509_digest.pod
@@ -40,7 +40,9 @@ PKCS7_ISSUER_AND_SERIAL_digest
 =head1 DESCRIPTION
 
 X509_digest_sig() calculates a digest of the given certificate
-using the same hash algorithm as in its signature.
+using the same hash algorithm as in its signature with a fallback to B<SHA-256>
+for algorithms where the digest is an integral part of the signature algorithm
+such as with B<EdDSA> signatures.
 
 X509_pubkey_digest() returns a digest of the DER representation of the public
 key in the specified X509 B<data> object.
author	Tomas Mraz <tomas@openssl.org>	2021-06-04 13:56:41 +0200
committer	Tomas Mraz <tomas@openssl.org>	2021-06-08 09:20:15 +0200
commit	fccf3dcef42f12b0ac2b1ab8979125a2511dc271 (patch)
tree	83d268c68251556aadfcd184aaf19ab5cbf2d93f /doc
parent	09345c8cab01d0030234a001c7b2d64eac1e75ae (diff)