On 01/16/2011 11:19 PM, Murray S. Kucherawy wrote: >> -----Original Message----- From: Nikos Mavrogiannopoulos >> [mailto:[email protected]] On Behalf Of Nikos >> Mavrogiannopoulos Sent: Saturday, January 15, 2011 10:46 AM To: >> Murray S. Kucherawy Cc: [email protected] Subject: Re: RSA >> sign/verify and hash generation functions >> >> You can use gnutls_privkey_sign_hash2() instead of >> gnutls_x509_privkey_sign_hash2(). There shouldn't be any >> side-effects. > > OK, I'll try that next week. > >> For verification you could use gnutls_pubkey_verify_data/hash. > > Already doing that. > >> You can use the gnutls_x509_ interface to import/export from a >> file/buffer and then use the gnutls_privkey_ interface to import >> from that and access operations. In a language like C++ it would be >> easier to express that a gnutls_x509_privkey_t is also a >> gnutls_privkey_t, but in C it causes that inconvenience. > > Yep, that's what I'm doing now. The gnutls_x509_*() calls are only > to import a private key in PEM/DER format, and to get the key size > out, and to sign a hash (though I'll try the non-x509 interface next > week). Everything else is gnutls_privkey_*() or gnutls_pubkey_*() > already. Does that sound right?
Yes. Aboutthe non gnutls_x509_* interface I have not fixed my mind yet since it appears to have side-effects. The current calls you describe is what will work anyway. regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
