sign APIs: introduce RSA-RAW signing algorithm

This ensures that there is a signing algorithm for all the operations
we support. Previously, we required GNUTLS_SIGN_UNKNOWN to be acceptable
by signing functions to accomodate for raw RSA operations. Now we make
that explicit and in the process clean-up the API.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 1 insertions, 4 deletions

diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index 98248d5b36..bf29f877cd 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -75,14 +75,11 @@ typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
 					    const gnutls_datum_t *ciphertext,
 					    gnutls_datum_t * plaintext);
 
-#define GNUTLS_SIGN_CB_FLAG_RSA_DIGESTINFO (1<<1)
-
 /* to be called to sign pre-hashed data. The input will be
  * the output of the hash (such as SHA256) corresponding to
- * the signature algorithm. The flag GNUTLS_SIGN_CB_FLAG_RSA_DIGESTINFO
+ * the signature algorithm. The algorithm GNUTLS_SIGN_RSA_RAW
  * will be provided when RSA PKCS#1 DigestInfo structure is provided
  * as data (when this is called from a TLS 1.0 or 1.1 session).
- * In that case the signature algorithm will be set to %GNUTLS_SIGN_UNKNOWN
  */
 typedef int (*gnutls_privkey_sign_hash_func) (gnutls_privkey_t key,
 					      gnutls_sign_algorithm_t algo,