author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-04 15:00:46 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-15 14:05:17 +0200 |
commit | 50bce8588102ac729d80e804c879c9debd78861a (patch) | |
tree | 6b67441b8e41a23b94cdd8befb0faf033a6c62e8 /lib/tls-sig.c | |
parent | caeac0335e274db18e802a3f2fe0d49bf4dee0b4 (diff) | |
gnutls_privkey_import_ext4: introduced to allow signing with RSA-PSS or Ed25519 keys
That function allows a signing callback that receives the signature
algorithm, providing all the information the callback needs for signing.
It also introduces the GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO flag, which
allows the library to query the private key for its supported
signature algorithms.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/tls-sig.c')
-rw-r--r-- | lib/tls-sig.c | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/lib/tls-sig.c b/lib/tls-sig.c
index a452cdfb77..4b124627b7 100644
--- a/lib/tls-sig.c
+++ b/lib/tls-sig.c
@@ -550,15 +550,10 @@ _gnutls_handshake_sign_crt_vrfy12(gnutls_session_t session,
 gnutls_sign_algorithm_t sign_algo;
 int ret;
- sign_algo = _gnutls_privkey_get_preferred_sign_algo(pkey);
- if (sign_algo == GNUTLS_SIGN_UNKNOWN ||
- _gnutls_session_sign_algo_enabled(session, sign_algo) < 0) {
-
- sign_algo = _gnutls_session_get_sign_algo(session, cert, pkey, 1);
- if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
- gnutls_assert();
- return GNUTLS_E_UNWANTED_ALGORITHM;
- }
+ sign_algo = _gnutls_session_get_sign_algo(session, cert, pkey, 1);
+ if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+ gnutls_assert();
+ return GNUTLS_E_UNWANTED_ALGORITHM;
 }
 gnutls_sign_algorithm_set_client(session, sign_algo); |
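Review bot: The new code's only source of `sign_algo` is `_gnutls_session_get_sign_algo(session, cert, pkey, 1)`, and nothing in the hunk records the invariant the removed branch made explicit through `_gnutls_session_sign_algo_enabled`. Presumably the helper, which is defined outside this hunk, restricts the choice to algorithms that the peer advertised, that the session priorities enable, and that the private key reports it can sign with. A short comment above the call would keep that reviewable, for example `/* picks only a peer-advertised, priority-enabled algorithm that pkey supports */`, once confirmed against the helper. The trailing literal `1` is also opaque at this call site; a named constant or a brief comment saying what the flag selects would help. The body of `_gnutls_handshake_sign_crt_vrfy12` starts and ends outside the hunk, so later uses of `sign_algo` are not visible here.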