Diffstat (limited to 'lib/includes/gnutls/abstract.h')
-rw-r--r-- | lib/includes/gnutls/abstract.h | 56 |
1 files changed, 51 insertions, 5 deletions
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index ab4d7019c2..98248d5b36 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -66,23 +66,59 @@ typedef enum gnutls_abstract_export_flags { typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key, void *userdata, - const gnutls_datum_t * - raw_data, + const gnutls_datum_t *raw_data, gnutls_datum_t * signature); + + typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key, void *userdata, - const gnutls_datum_t * - ciphertext, + const gnutls_datum_t *ciphertext, gnutls_datum_t * plaintext); +#define GNUTLS_SIGN_CB_FLAG_RSA_DIGESTINFO (1<<1) + +/* to be called to sign pre-hashed data. The input will be + * the output of the hash (such as SHA256) corresponding to + * the signature algorithm. The flag GNUTLS_SIGN_CB_FLAG_RSA_DIGESTINFO + * will be provided when RSA PKCS#1 DigestInfo structure is provided + * as data (when this is called from a TLS 1.0 or 1.1 session). + * In that case the signature algorithm will be set to %GNUTLS_SIGN_UNKNOWN + */ +typedef int (*gnutls_privkey_sign_hash_func) (gnutls_privkey_t key, + gnutls_sign_algorithm_t algo, + void *userdata, + unsigned int flags, + const gnutls_datum_t *hash, + gnutls_datum_t * signature); + +/* to be called to sign data. The input data will be + * the data to be signed (and hashed), with the provided + * signature algorithm. This function is used for algorithms + * like ed25519 which cannot take pre-hashed data as input. + */ +typedef int (*gnutls_privkey_sign_data_func) (gnutls_privkey_t key, + gnutls_sign_algorithm_t algo, + void *userdata, + unsigned int flags, + const gnutls_datum_t *data, + gnutls_datum_t * signature); + typedef void (*gnutls_privkey_deinit_func) (gnutls_privkey_t key, void *userdata); + +#define GNUTLS_SIGN_ALGO_TO_FLAGS(sig) (unsigned int)((sig)<<20) +#define GNUTLS_FLAGS_TO_SIGN_ALGO(flags) (unsigned int)((flags)>>20) + /* Should return the public key algorithm (gnutls_pk_algorithm_t) */ #define GNUTLS_PRIVKEY_INFO_PK_ALGO 1 - /* Should return the preferred signature algorithm (gnutls_sign_algorithm_t) or 0. 
*/ #define GNUTLS_PRIVKEY_INFO_SIGN_ALGO (1<<1) +/* Should return true (1) or false (0) if the provided sign algorithm + * (obtained with GNUTLS_FLAGS_TO_SIGN_ALGO) is supported. + */ +#define GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO (1<<2) + /* returns information on the public key associated with userdata */ typedef int (*gnutls_privkey_info_func) (gnutls_privkey_t key, unsigned int flags, void *userdata); @@ -423,6 +459,16 @@ gnutls_privkey_import_ext3(gnutls_privkey_t pkey, gnutls_privkey_info_func info_func, unsigned int flags); +int +gnutls_privkey_import_ext4(gnutls_privkey_t pkey, + void *userdata, + gnutls_privkey_sign_data_func sign_data_func, + gnutls_privkey_sign_hash_func sign_hash_func, + gnutls_privkey_decrypt_func decrypt_func, + gnutls_privkey_deinit_func deinit_func, + gnutls_privkey_info_func info_func, + unsigned int flags); + int gnutls_privkey_import_dsa_raw(gnutls_privkey_t key, const gnutls_datum_t * p, const gnutls_datum_t * q, |
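Review bot: `GNUTLS_SIGN_ALGO_TO_FLAGS` shifts `sig` in its own promoted type and casts only the result, and neither conversion macro parenthesizes its whole expansion. Casting first keeps the shift in unsigned arithmetic and makes both macros safe inside larger expressions: `#define GNUTLS_SIGN_ALGO_TO_FLAGS(sig) ((unsigned int)(sig) << 20)` and `#define GNUTLS_FLAGS_TO_SIGN_ALGO(flags) ((unsigned int)(flags) >> 20)`. The algorithm shares the `flags` word of `gnutls_privkey_info_func` with the `GNUTLS_PRIVKEY_INFO_*` values, so the comment on `GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO` should say that the query sits below bit 20 and that a callback has to mask before comparing. It should also say how a negative return is treated, since a callback written before this query existed presumably answers it with an error rather than 0.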
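Review bot: Nothing at the `gnutls_privkey_import_ext4` prototype says which of its five callbacks may be NULL, and a caller that wraps a hardware token or remote signer needs that to know whether it can register only `sign_hash_func` or only `sign_data_func`. I would add a short comment above the declaration, along the lines of `/* sign_data_func, sign_hash_func, decrypt_func: <which may be NULL>; userdata is handed to every callback and to deinit_func */`, with the placeholder filled in from the implementation. The same comment should state whether `info_func` is required to answer `GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO`, since that query appears to be how the library learns which algorithms the external key accepts. Only the declaration is visible here; the definition and its checks are outside this hunk.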