authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-08-04 15:00:46 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-08-15 14:05:17 +0200
commit50bce8588102ac729d80e804c879c9debd78861a (patch)
tree6b67441b8e41a23b94cdd8befb0faf033a6c62e8 /lib/tls-sig.c
parentcaeac0335e274db18e802a3f2fe0d49bf4dee0b4 (diff)
gnutls_privkey_import_ext4: introduced to allow signing with RSA-PSS or Ed25519 keys
That function allows a signing callback which is passed the signature algorithm, providing all the information the callback needs for signing. It also introduces the GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO flag, which allows the library to query the private key for the supported signature algorithms. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/tls-sig.c')
-rw-r--r--lib/tls-sig.c13
1 files changed, 4 insertions, 9 deletions
diff --git a/lib/tls-sig.c b/lib/tls-sig.c
index a452cdfb77..4b124627b7 100644
--- a/lib/tls-sig.c
+++ b/lib/tls-sig.c
@@ -550,15 +550,10 @@ _gnutls_handshake_sign_crt_vrfy12(gnutls_session_t session,
gnutls_sign_algorithm_t sign_algo;
int ret;
- sign_algo = _gnutls_privkey_get_preferred_sign_algo(pkey);
- if (sign_algo == GNUTLS_SIGN_UNKNOWN ||
- _gnutls_session_sign_algo_enabled(session, sign_algo) < 0) {
-
- sign_algo = _gnutls_session_get_sign_algo(session, cert, pkey, 1);
- if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
- gnutls_assert();
- return GNUTLS_E_UNWANTED_ALGORITHM;
- }
+ sign_algo = _gnutls_session_get_sign_algo(session, cert, pkey, 1);
+ if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+ gnutls_assert();
+ return GNUTLS_E_UNWANTED_ALGORITHM;
}
gnutls_sign_algorithm_set_client(session, sign_algo);
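Review bot: The bare `1` passed as the last argument of `_gnutls_session_get_sign_algo()` on the added line is unexplained, and with the preferred-algorithm branch removed this call is now the only place where the signature algorithm for this message is chosen. A comment above it would help, for example `/* choose from the algorithms negotiated for this session; last argument marks the client-certificate case */`, with the meaning of the flag confirmed against the callee, which is not visible in this hunk. It is also worth confirming that the callee only returns algorithms the key or its signing callback can actually produce, since the removed `_gnutls_privkey_get_preferred_sign_algo()` branch was the part that consulted the key itself. The body of `_gnutls_handshake_sign_crt_vrfy12` starts and ends outside the hunk.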