[gnutls-help] Alternative Private keys?
Bjørn H. Christensen
BHC at insight.dk
Thu Oct 22 12:15:19 CEST 2015
Hello,
I am looking at alternative ways to provide private keys for GnuTLS.
gnutls_privkey_import_ext2 and gnutls_privkey_import_ext3
Both function have a sign_func and decrypt_func defined as follows:
typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
void *userdata,
const gnutls_datum_t *
raw_data,
gnutls_datum_t * signature);
typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
void *userdata,
const gnutls_datum_t *
ciphertext,
gnutls_datum_t * plaintext);
I would assume (but are not sure) that GnuTLS need to Sign a hash and verify a hash signature combination.
Are my assumptions wrong? Do GnuTLS actually need to decrypt ciphertext to plaintext, in other cases than verifying a hash signature combination?
/bhc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20151022/3c4b32a2/attachment.html>
More information about the Gnutls-help
mailing list