> -----Original Message----- > From: Nikos Mavrogiannopoulos [mailto:[email protected]] On > Behalf Of Nikos Mavrogiannopoulos > Sent: Saturday, January 15, 2011 5:13 AM > To: Murray S. Kucherawy > Cc: [email protected] > Subject: Re: RSA sign/verify and hash generation functions > > btw. I'm planning into deprecating all the gnutls_x509_* functions to > sign and verify data, and only leave the gnutls_privkey_ and > gnutls_pubkey_ equivalent functions. That is to simplify internals > and avoid having the same functions for each certificate type. > Just in case this change affects you.
It does. Right now I'm using: - gnutls_x509_privkey_init() to allocate an object - gnutls_x509_privkey_import() to read in a PEM-encoded or DER-encoded RSA key - gnutls_privkey_import_x509() to extract a generic private key from the above - gnutls_privkey_get_pk_algorithm() just to get the key size of the above - gnutls_x509_privkey_deinit() to deallocate - gnutls_x509_privkey_sign_hash2() to sign As I recall, what was missing from the basic privkey interface was the means to get a PEM/DER-encoded RSA key; I had to go through the gnutls_x509_*() functions to do that. What I need is a gnutls_privkey_import() that can do the same, and a matching gnutls_privkey_sign_hash2(), and then I can get rid of the gnutls_x509_*() calls altogether. If you have a version available that has those API changes, I can give it a try next week. -MSK
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
