
[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-40-g9376d7d


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-40-g9376d7d
Date: Sun, 19 Dec 2010 04:08:19 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9376d7daa7dbc2a4da794d47765de9d073895b5a

The branch, master has been updated
       via  9376d7daa7dbc2a4da794d47765de9d073895b5a (commit)
       via  7708a6d3c41b6bf9d7acda6feb26a3805cf26715 (commit)
      from  920774dd19cb84e6781e5043a6d0e87801a69cf5 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9376d7daa7dbc2a4da794d47765de9d073895b5a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Dec 19 05:06:43 2010 +0100

    Set public key bits on all import functions. Issue reported by Murray Kucheawy.

commit 7708a6d3c41b6bf9d7acda6feb26a3805cf26715
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Dec 19 04:57:05 2010 +0100

    gnutls_pkcs11_privkey_sign_data(), gnutls_pkcs11_privkey_sign_hash2() and
    gnutls_pkcs11_privkey_decrypt_data() were removed. The abstract.h functions
    should be used instead.

-----------------------------------------------------------------------

Summary of changes:
 NEWS                         |    2 +-
 lib/gnutls_privkey.c         |    2 +-
 lib/gnutls_pubkey.c          |   19 ++++++-
 lib/includes/gnutls/pkcs11.h |   17 ------
 lib/pkcs11_int.h             |    6 ++
 lib/pkcs11_privkey.c         |  123 ++----------------------------------------
 6 files changed, 29 insertions(+), 140 deletions(-)

diff --git a/NEWS b/NEWS
index ab4b206..2a927ff 100644
--- a/NEWS
+++ b/NEWS
@@ -31,7 +31,6 @@ Reported by "Brendan Doherty" <address@hidden>.
 gnutls_pubkey_import_privkey: ADDED
 gnutls_pubkey_verify_data: ADDED
 gnutls_privkey_sign_hash2: ADDED
-gnutls_pkcs11_privkey_sign_hash2: ADDED
 gnutls_x509_privkey_sign_hash2: ADDED
 gnutls_x509_privkey_sign_data2: ADDED
 gnutls_x509_privkey_sign_hash: DEPRECATED
@@ -41,6 +40,7 @@ gnutls_ext_register: DEPRECATED
 gnutls_openpgp_privkey_sign_hash: REMOVED
 gnutls_openpgp_privkey_decrypt_data: REMOVED
 gnutls_pkcs11_privkey_sign_hash: REMOVED
+gnutls_pkcs11_privkey_decrypt_data: REMOVED
 gnutls_privkey_sign_hash: REMOVED
 
 * Version 2.11.6 (released 2010-12-06)
diff --git a/lib/gnutls_privkey.c b/lib/gnutls_privkey.c
index 553efd2..35f6a33 100644
--- a/lib/gnutls_privkey.c
+++ b/lib/gnutls_privkey.c
@@ -546,7 +546,7 @@ gnutls_privkey_decrypt_data (gnutls_privkey_t key,
                                         key->key.x509->params,
                                         key->key.x509->params_size, 2);
     case GNUTLS_PRIVKEY_PKCS11:
-      return gnutls_pkcs11_privkey_decrypt_data (key->key.pkcs11,
+      return _gnutls_pkcs11_privkey_decrypt_data (key->key.pkcs11,
                                                  flags,
                                                  ciphertext, plaintext);
     default:
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c
index 035553f..1c5112f 100644
--- a/lib/gnutls_pubkey.c
+++ b/lib/gnutls_pubkey.c
@@ -62,6 +62,20 @@ struct gnutls_pubkey_st
   unsigned int key_usage;       /* bits from GNUTLS_KEY_* */
 };
 
+static int pubkey_to_bits(gnutls_pk_algorithm_t pk, bigint_t* params, int params_size)
+{
+  switch(pk) 
+    {
+      case GNUTLS_PK_RSA:
+        return _gnutls_mpi_get_nbits(params[0]);
+      case GNUTLS_PK_DSA:
+        if (params_size < 3) return 0;
+        return _gnutls_mpi_get_nbits(params[3]);
+      default:
+        return 0;
+    }
+}
+
 /**
  * gnutls_pubkey_get_pk_algorithm:
  * @key: should contain a #gnutls_pubkey_t structure
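Review bot: The DSA branch of `pubkey_to_bits` guards with `params_size < 3` but then reads `params[3]`, so a key with exactly three parameters passes the check and the function reads a slot that was never filled; the RSA branch reads `params[0]` with no size check at all. The bound should match the index: `if (params_size < DSA_PUBLIC_PARAMS) return 0;` (the constant the raw DSA import assigns to `params_size`, assuming it is 4) and `if (params_size < 1) return 0;` before the RSA read. This matters most for the new call in `gnutls_pubkey_import`, where `params_size` presumably comes from parsed key data rather than a fixed constant; the two raw-import call sites pass fixed counts. A one-line comment naming which parameter each index selects would also make the choice of `params[3]` for DSA reviewable.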
@@ -695,6 +709,7 @@ gnutls_pubkey_import (gnutls_pubkey_t key,
    * fail.
    */
   key->pk_algorithm = _gnutls_x509_get_pk_algorithm (spk, "", NULL);
+  key->bits = pubkey_to_bits(key->pk_algorithm, key->params, key->params_size);
 
   result = 0;
 
@@ -894,7 +909,7 @@ gnutls_pubkey_import_rsa_raw (gnutls_pubkey_t key,
 
   key->params_size = RSA_PUBLIC_PARAMS;
   key->pk_algorithm = GNUTLS_PK_RSA;
-  key->bits = _gnutls_mpi_get_nbits(key->params[0]);
+  key->bits = pubkey_to_bits(GNUTLS_PK_RSA, key->params, key->params_size);
 
   return 0;
 }
@@ -965,7 +980,7 @@ gnutls_pubkey_import_dsa_raw (gnutls_pubkey_t key,
 
   key->params_size = DSA_PUBLIC_PARAMS;
   key->pk_algorithm = GNUTLS_PK_DSA;
-  key->bits = _gnutls_mpi_get_nbits(key->params[3]);
+  key->bits = pubkey_to_bits(GNUTLS_PK_DSA, key->params, key->params_size);
 
   return 0;
 
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h
index 5aeff8e..5f6be2e 100644
--- a/lib/includes/gnutls/pkcs11.h
+++ b/lib/includes/gnutls/pkcs11.h
@@ -195,23 +195,6 @@ int gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t crt,
 int gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t key,
                                       const char *url, unsigned int flags);
 
-int gnutls_pkcs11_privkey_sign_data (gnutls_pkcs11_privkey_t signer,
-                                     gnutls_digest_algorithm_t hash,
-                                     unsigned int flags,
-                                     const gnutls_datum_t * data,
-                                     gnutls_datum_t * signature);
-int
-gnutls_pkcs11_privkey_sign_hash2 (gnutls_pkcs11_privkey_t signer,
-                                  gnutls_digest_algorithm_t hash_algo,
-                                  unsigned int flags,
-                                  const gnutls_datum_t * hash_data,
-                                  gnutls_datum_t * signature);
-
-int
-gnutls_pkcs11_privkey_decrypt_data (gnutls_pkcs11_privkey_t key,
-                                    unsigned int flags,
-                                    const gnutls_datum_t * ciphertext,
-                                    gnutls_datum_t * plaintext);
 int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key,
                                       gnutls_pkcs11_url_type_t detailed,
                                       char **url);
diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h
index 7405c42..b431a80 100644
--- a/lib/pkcs11_int.h
+++ b/lib/pkcs11_int.h
@@ -102,4 +102,10 @@ _gnutls_pkcs11_privkey_sign_hash (gnutls_pkcs11_privkey_t key,
                                   const gnutls_datum_t * hash,
                                   gnutls_datum_t * signature);
 
+int
+_gnutls_pkcs11_privkey_decrypt_data (gnutls_pkcs11_privkey_t key,
+                                    unsigned int flags,
+                                    const gnutls_datum_t * ciphertext,
+                                    gnutls_datum_t * plaintext);
+
 #endif
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index eebda0a..9cbd3c0 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -114,62 +114,6 @@ gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey,
 }
 
 
-/**
- * gnutls_pkcs11_privkey_sign_data:
- * @signer: Holds the key
- * @digest: should be MD5 or SHA1
- * @flags: should be 0 for now
- * @data: holds the data to be signed
- * @signature: will contain the signature allocated with gnutls_malloc()
- *
- * This function will sign the given data using a signature algorithm
- * supported by the private key. Signature algorithms are always used
- * together with a hash functions.  Different hash functions may be
- * used for the RSA algorithm, but only SHA-1 for the DSA keys.
- *
- * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
- *   negative error value.
- **/
-int
-gnutls_pkcs11_privkey_sign_data (gnutls_pkcs11_privkey_t signer,
-                                 gnutls_digest_algorithm_t hash,
-                                 unsigned int flags,
-                                 const gnutls_datum_t * data,
-                                 gnutls_datum_t * signature)
-{
-  int ret;
-  gnutls_datum_t digest;
-
-  ret = pk_hash_data (signer->pk_algorithm, hash, NULL, data, &digest);
-  if (ret < 0)
-    {
-      gnutls_assert ();
-      return ret;
-    }
-
-  ret = pk_prepare_hash (signer->pk_algorithm, hash, &digest);
-  if (ret < 0)
-    {
-      gnutls_assert ();
-      goto cleanup;
-    }
-
-  ret = _gnutls_pkcs11_privkey_sign_hash (signer, &digest, signature);
-  _gnutls_free_datum (&digest);
-
-  if (ret < 0)
-    {
-      gnutls_assert ();
-      return ret;
-    }
-
-  return 0;
-
-cleanup:
-  _gnutls_free_datum (&digest);
-  return ret;
-}
-
 #define FIND_OBJECT(pks, obj, key) \
        do { \
                int retries = 0; \
@@ -258,65 +202,6 @@ cleanup:
 }
 
 /**
- * gnutls_pkcs11_privkey_sign_hash2:
- * @signer: Holds the signer's key
- * @hash_algo: The hash algorithm used
- * @flags: zero for now
- * @hash_data: holds the data to be signed
- * @signature: will contain newly allocated signature
- *
- * This function will sign the given hashed data using a signature algorithm
- * supported by the private key. Signature algorithms are always used
- * together with a hash functions.  Different hash functions may be
- * used for the RSA algorithm, but only SHA-XXX for the DSA keys.
- *
- * Use gnutls_x509_crt_get_preferred_hash_algorithm() to determine
- * the hash algorithm.
- *
- * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
- *   negative error value.
- **/
-int
-gnutls_pkcs11_privkey_sign_hash2 (gnutls_pkcs11_privkey_t signer,
-                                  gnutls_digest_algorithm_t hash_algo,
-                                  unsigned int flags,
-                                  const gnutls_datum_t * hash_data,
-                                  gnutls_datum_t * signature)
-{
-  int ret;
-  gnutls_datum_t digest;
-
-  digest.data = gnutls_malloc (hash_data->size);
-  if (digest.data == NULL)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_MEMORY_ERROR;
-    }
-  digest.size = hash_data->size;
-  memcpy (digest.data, hash_data->data, digest.size);
-
-  ret = pk_prepare_hash (signer->pk_algorithm, hash_algo, &digest);
-  if (ret < 0)
-    {
-      gnutls_assert ();
-      goto cleanup;
-    }
-
-  ret = _gnutls_pkcs11_privkey_sign_hash (signer, &digest, signature);
-  if (ret < 0)
-    {
-      gnutls_assert ();
-      goto cleanup;
-    }
-
-  ret = 0;
-
-cleanup:
-  _gnutls_free_datum (&digest);
-  return ret;
-}
-
-/**
  * gnutls_pkcs11_privkey_import_url:
  * @pkey: The structure to store the parsed key
  * @url: a PKCS 11 url identifying the key
@@ -360,8 +245,8 @@ gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
   return 0;
 }
 
-/**
- * gnutls_pkcs11_privkey_decrypt_data:
+/*-
+ * _gnutls_pkcs11_privkey_decrypt_data:
  * @key: Holds the key
  * @flags: should be 0 for now
  * @ciphertext: holds the data to be signed
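Review bot: The `@ciphertext` line of the doc comment still reads "holds the data to be signed", which looks copied from the signing functions and is wrong for a decryption routine; since the comment header is being rewritten here anyway, `* @ciphertext: holds the data to be decrypted` would be the accurate text. The comment continues beyond this hunk, so the rest of it is not visible. It would also help to note in the comment that external callers are expected to use `gnutls_privkey_decrypt_data`, which is the dispatch point visible in lib/gnutls_privkey.c.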
@@ -372,9 +257,9 @@ gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
  *
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
- **/
+ -*/
 int
-gnutls_pkcs11_privkey_decrypt_data (gnutls_pkcs11_privkey_t key,
+_gnutls_pkcs11_privkey_decrypt_data (gnutls_pkcs11_privkey_t key,
                                     unsigned int flags,
                                     const gnutls_datum_t * ciphertext,
                                     gnutls_datum_t * plaintext)


hooks/post-receive
-- 
GNU gnutls


