Add gnutls_openpgp_privkey_sign_hash.

3 files changed, 45 insertions, 5 deletions

diff --git a/NEWS b/NEWS
index f00212df8b..888048716d 100644
--- a/NEWS
+++ b/NEWS
@@ -8,10 +8,11 @@ See the end for copying conditions.
 ** New functions to perform external signing.
 Set the signing callback function (of the gnutls_sign_func prototype)
 using the gnutls_sign_callback_set function.  In the callback, you may
-find the new function gnutls_x509_privkey_sign_hash useful.  A new
-function gnutls_sign_callback_get is also added, to retrieve the
-function pointer.  Thanks to "Alon Bar-Lev" <alon.barlev@gmail.com>
-for comments and testing.
+find the new functions gnutls_x509_privkey_sign_hash and
+gnutls_openpgp_privkey_sign_hash useful.  A new function
+gnutls_sign_callback_get is also added, to retrieve the function
+pointer.  Thanks to "Alon Bar-Lev" <alon.barlev@gmail.com> for
+comments and testing.
 
 ** New self test of client and server authenticated X.509 TLS sessions.
 See tests/x509self.c and tests/x509signself.c.  The latter also tests
@@ -46,7 +47,8 @@ Thanks to Jakub Bogusz <qboosh@pld-linux.org> and Daniel Nylander
 gnutls_sign_func: ADD, new type for sign callback.
 gnutls_sign_callback_set: ADD, new function to set sign callback.
 gnutls_sign_callback_get: ADD, new function to retrieve sign callback.
-gnutls_x509_privkey_sign_hash: ADD, new function useful in sign callback.
+gnutls_x509_privkey_sign_hash,
+gnutls_openpgp_privkey_sign_hash: ADD, new functions useful in sign callback.
 GNUTLS_E_APPLICATION_ERROR_MIN,
 GNUTLS_E_APPLICATION_ERROR_MAX: ADD, new CPP #defines for error codes.
 
diff --git a/includes/gnutls/openpgp.h b/includes/gnutls/openpgp.h
index 229e58176e..2d7a7d4ac0 100644
--- a/includes/gnutls/openpgp.h
+++ b/includes/gnutls/openpgp.h
@@ -98,6 +98,9 @@ extern "C"
 				     const gnutls_datum_t * data,
 				     gnutls_openpgp_key_fmt_t format,
 				     const char *pass, unsigned int flags);
+  int gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key,
+					const gnutls_datum_t * hash,
+					gnutls_datum_t * signature);
 
 /* Keyring stuff.
  */
diff --git a/libextra/gnutls_openpgp.c b/libextra/gnutls_openpgp.c
index 344b245ab9..f114fb8a11 100644
--- a/libextra/gnutls_openpgp.c
+++ b/libextra/gnutls_openpgp.c
@@ -1269,3 +1269,38 @@ gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t
 
   return 0;
 }
+
+/**
+ * gnutls_openpgp_privkey_sign_hash - This function will sign the given data using the private key params
+ * @key: Holds the key
+ * @hash: holds the data to be signed
+ * @signature: will contain newly allocated signature
+ *
+ * This function will sign the given hash using the private key.
+ *
+ * Return value: In case of failure a negative value will be returned,
+ * and 0 on success.
+ **/
+int
+gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key,
+				  const gnutls_datum_t * hash,
+				  gnutls_datum_t * signature)
+{
+  int result;
+
+  if (key == NULL)
+    {
+      gnutls_assert ();
+      return GNUTLS_E_INVALID_REQUEST;
+    }
+
+  result = _gnutls_sign (key->pkey.pk_algorithm, key->pkey.params,
+			 key->pkey.params_size, hash, signature);
+  if (result < 0)
+    {
+      gnutls_assert ();
+      return result;
+    }
+
+  return 0;
+}