diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-11-05 16:47:17 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-11-05 16:49:16 +0100 |
commit | 03fe7c089122ec50231012df3a6bfbc4a464f229 (patch) | |
tree | 9bce8936dee629d66bfec23618cfcfa140e7855b /lib | |
parent | 416b1922ffb912b1f11a20f7a533b7619291eaa0 (diff) | |
download | gnutls-03fe7c089122ec50231012df3a6bfbc4a464f229.tar.gz |
gnutls_privkey_sign_data2: removed unnecessary text [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/privkey.c | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/lib/privkey.c b/lib/privkey.c index 4ef07c8b06..425cc3e7c6 100644 --- a/lib/privkey.c +++ b/lib/privkey.c @@ -1201,21 +1201,17 @@ gnutls_privkey_sign_data2(gnutls_privkey_t signer, * @hash_data: holds the data to be signed * @signature: will contain newly allocated signature * - * This function will sign the given hashed data using a signature algorithm - * supported by the private key. Signature algorithms are always used - * together with a hash functions. Different hash functions may be - * used for the RSA algorithm, but only SHA-XXX for the DSA keys. - * - * You may use gnutls_pubkey_get_preferred_hash_algorithm() to determine - * the hash algorithm. + * This function will sign the given hashed data using the specified signature + * algorithm. This function is an enhancement of gnutls_privkey_sign_hash(), + * as it allows utilizing a alternative signature algorithm where possible + * (e.g, use an RSA key with RSA-PSS). * - * The flags may be %GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA or %GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS. - * In the former case this function will ignore @hash_algo and perform a raw PKCS1 signature, - * and in the latter an RSA-PSS signature will be generated. Note that the flag - * %GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA is supported since 3.6.9. + * The flags may be %GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA. + * In that case this function will ignore @hash_algo and perform a raw PKCS1 signature. + * Note that this flag is supported since 3.6.9. * - * Note that, not all algorithm support signing already hashed data. When - * signing with Ed25519, gnutls_privkey_sign_data() should be used. + * Note also that, not all algorithm support signing already hashed data. When + * signing with Ed25519, gnutls_privkey_sign_data2() should be used instead. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. |