gnutls_x509_crt_verify_hash: DEPRECATED

gnutls_x509_crt_verify_data: DEPRECATED
gnutls_x509_crt_get_verify_algorithm: DEPRECATED
gnutls_x509_crt_get_preferred_hash_algorithm: DEPRECATED
Removed the new gnutls_x509_privkey_sign_data2() and gnutls_x509_privkey_sign_hash2().

That functionality will be only in the abstract.h pubkey and privkey
structures, to avoid duplication for every certificate type.

1 files changed, 12 insertions, 1 deletions

diff --git a/tests/cve-2009-1415.c b/tests/cve-2009-1415.c
index d1e23c5e2b..122b799cba 100644
--- a/tests/cve-2009-1415.c
+++ b/tests/cve-2009-1415.c
@@ -46,6 +46,7 @@
 
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
+#include <gnutls/abstract.h>
 
 static char dsa_cert[] =
   "-----BEGIN CERTIFICATE-----\n"
@@ -77,6 +78,7 @@ int
 main (void)
 {
   gnutls_x509_crt_t crt;
+  gnutls_pubkey_t pubkey;
   gnutls_datum_t data = { (char *) "foo", 3 };
   gnutls_datum_t sig = { (char *) "bar", 3 };
   int ret;
@@ -87,17 +89,26 @@ main (void)
   if (ret < 0)
     return 1;
 
+  ret = gnutls_pubkey_init (&pubkey);
+  if (ret < 0)
+    return 1;
+
   ret = gnutls_x509_crt_import (crt, &dsa_cert_dat, GNUTLS_X509_FMT_PEM);
   if (ret < 0)
     return 1;
 
-  ret = gnutls_x509_crt_verify_data (crt, 0, &data, &sig);
+  ret = gnutls_pubkey_import_x509( pubkey, crt, 0);
+  if (ret < 0)
+    return 1;
+
+  ret = gnutls_pubkey_verify_data (pubkey, 0, &data, &sig);
   if (ret < 0 && ret != GNUTLS_E_PK_SIG_VERIFY_FAILED)
     return 1;
 
   //printf ("success!\n");
 
   gnutls_x509_crt_deinit (crt);
+  gnutls_pubkey_deinit( pubkey);
   gnutls_global_deinit ();
 
   return 0;