tls-sig: re-organize and simplify the TLS signature generation and verification

That makes sure that the high level APIs are used when possible, and separate the TLS 1.2 from other code paths. This will allow supporting signature schemes like EdDSA and others. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-05-29 16:22:27 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-05-31 14:50:22 +0200
commit: 7288a41662fd8c17fd2af6417b64ff97ee8fee93 (patch)
tree: f51c20cb6effebd1190b7a1720353187e2228ca2 /lib/tls-sig.h
parent: 3ffcff8ddf994e94c6c9c693be0a520ea825fa91 (diff)
download: gnutls-7288a41662fd8c17fd2af6417b64ff97ee8fee93.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/tls-sig.h b/lib/tls-sig.h
index 5ba37128be..afea4ebaf9 100644
--- a/lib/tls-sig.h
+++ b/lib/tls-sig.h
@@ -45,11 +45,13 @@ int _gnutls_handshake_sign_data(gnutls_session_t session,
 				gnutls_sign_algorithm_t * algo);
 
 int _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
+				      unsigned verify_flags,
 				      gnutls_pcert_st * cert,
 				      gnutls_datum_t * signature,
 				      gnutls_sign_algorithm_t);
 
 int _gnutls_handshake_verify_data(gnutls_session_t session,
+				  unsigned verify_flags,
 				  gnutls_pcert_st * cert,
 				  const gnutls_datum_t * params,
 				  gnutls_datum_t * signature,
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-05-29 16:22:27 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-05-31 14:50:22 +0200
commit	7288a41662fd8c17fd2af6417b64ff97ee8fee93 (patch)
tree	f51c20cb6effebd1190b7a1720353187e2228ca2 /lib/tls-sig.h
parent	3ffcff8ddf994e94c6c9c693be0a520ea825fa91 (diff)
download	gnutls-7288a41662fd8c17fd2af6417b64ff97ee8fee93.tar.gz