[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: RSA sign/verify and hash generation functions
From: |
Murray S. Kucherawy |
Subject: |
RE: RSA sign/verify and hash generation functions |
Date: |
Sun, 16 Jan 2011 14:19:04 -0800 |
> -----Original Message-----
> From: Nikos Mavrogiannopoulos [mailto:address@hidden On Behalf Of Nikos
> Mavrogiannopoulos
> Sent: Saturday, January 15, 2011 10:46 AM
> To: Murray S. Kucherawy
> Cc: address@hidden
> Subject: Re: RSA sign/verify and hash generation functions
>
> You can use gnutls_privkey_sign_hash2() instead of
> gnutls_x509_privkey_sign_hash2(). There shouldn't be any side-effects.
OK, I'll try that next week.
> For verification you could use gnutls_pubkey_verify_data/hash.
Already doing that.
> You can use the gnutls_x509_ interface to import/export from a
> file/buffer and then use the gnutls_privkey_ interface to import
> from that and access operations. In a language like C++ it would
> be easier to express that a gnutls_x509_privkey_t is also a
> gnutls_privkey_t, but in C it causes that inconvenience.
Yep, that's what I'm doing now. The gnutls_x509_*() calls are only to import a
private key in PEM/DER format, and to get the key size out, and to sign a hash
(though I'll try the non-x509 interface next week). Everything else is
gnutls_privkey_*() or gnutls_pubkey_*() already. Does that sound right?