Hello,

I am looking at alternative ways to provide private keys for GnuTLS.

gnutls_privkey_import_ext2 and gnutls_privkey_import_ext3

Both functions have a sign_func and decrypt_func defined as follows:

typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
                                         void *userdata,
                                         const gnutls_datum_t *raw_data,
                                         gnutls_datum_t *signature);

typedef int (*gnutls_privkey_decrypt_func) (gnutls_privkey_t key,
                                            void *userdata,
                                            const gnutls_datum_t *ciphertext,
                                            gnutls_datum_t *plaintext);

I would assume (but am not sure) that GnuTLS needs to sign a hash and verify a
hash signature combination.

Are my assumptions wrong? Does GnuTLS actually need to decrypt ciphertext to
plaintext in cases other than verifying a hash signature combination?


/bhc


_______________________________________________
Gnutls-help mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-help