static int
dsa_sign (const gnutls_datum_t * text,
bigint_t * params, int params_len, gnutls_datum_t * signature)
{
int ret;
opaque _digest[MAX_HASH_SIZE];
digest_hd_st hd;
gnutls_datum_t digest;
gnutls_digest_algorithm_t hash = _gnutls_dsa_q_to_hash (params[1]);
ret = _gnutls_hash_init (&hd, hash);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
_gnutls_hash (&hd, text->data, text->size);
_gnutls_hash_deinit (&hd, _digest);
digest.data = _digest;
digest.size = _gnutls_hash_get_algo_len (hash);
if ((ret =
_gnutls_sign (GNUTLS_PK_DSA, params, params_len, &digest,
signature)) < 0)
{
gnutls_assert ();
return ret;
}
return 0;
}
/* This will create a PKCS1 or DSA signature, as defined in the TLS protocol.
* Cert is the certificate of the corresponding private key. It is only checked if
* it supports signing.
*/
static int
_gnutls_tls_sign (gnutls_session_t session,
gnutls_cert * cert, gnutls_privkey * pkey,
const gnutls_datum_t * hash_concat,
gnutls_datum_t * signature)
{
/* If our certificate supports signing
*/
if (cert != NULL)
if (cert->key_usage != 0)
if (!(cert->key_usage & KEY_DIGITAL_SIGNATURE))
{
gnutls_assert ();
return GNUTLS_E_KEY_USAGE_VIOLATION;
}
/* External signing. */
if (!pkey || pkey->params_size == 0)
{
if (!session->internals.sign_func)
return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
return (*session->internals.sign_func)
(session, session->internals.sign_func_userdata,
cert->cert_type, &cert->raw, hash_concat, signature);
}
return _gnutls_sign (pkey->pk_algorithm, pkey->params,
pkey->params_size, hash_concat, signature);
}
static int
dsa_sign (const gnutls_datum_t * text,
mpi_t * params, int params_len, gnutls_datum_t * signature)
{
int ret;
opaque _digest[MAX_HASH_SIZE];
GNUTLS_HASH_HANDLE hd;
gnutls_datum_t digest;
hd = _gnutls_hash_init (GNUTLS_MAC_SHA1);
if (hd == NULL)
{
gnutls_assert ();
return GNUTLS_E_HASH_FAILED;
}
_gnutls_hash (hd, text->data, text->size);
_gnutls_hash_deinit (hd, _digest);
digest.data = _digest;
digest.size = 20;
if ((ret =
_gnutls_sign (GNUTLS_PK_DSA, params, params_len, &digest,
signature)) < 0)
{
gnutls_assert ();
return ret;
}
return 0;
}
/**
* gnutls_openpgp_privkey_sign_hash - sign the given data using the private key params
* @key: Holds the key
* @hash: holds the data to be signed
* @signature: will contain newly allocated signature
*
* This function will sign the given hash using the private key. You
* should use gnutls_openpgp_privkey_set_subkey() before calling this
* function to set the subkey to use.
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative error value.
**/
int
gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key,
const gnutls_datum_t * hash,
gnutls_datum_t * signature)
{
int result, i;
bigint_t params[MAX_PUBLIC_PARAMS_SIZE];
int params_size = MAX_PUBLIC_PARAMS_SIZE;
int pk_algorithm;
gnutls_openpgp_keyid_t keyid;
if (key == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
result = gnutls_openpgp_privkey_get_preferred_key_id (key, keyid);
if (result == 0)
{
uint32_t kid[2];
KEYID_IMPORT (kid, keyid);
result = _gnutls_openpgp_privkey_get_mpis (key, kid,
params, ¶ms_size);
}
else
{
result = _gnutls_openpgp_privkey_get_mpis (key, NULL,
params, ¶ms_size);
}
if (result < 0)
{
gnutls_assert ();
return result;
}
pk_algorithm = gnutls_openpgp_privkey_get_pk_algorithm (key, NULL);
result = _gnutls_sign (pk_algorithm, params, params_size, hash, signature);
for (i = 0; i < params_size; i++)
_gnutls_mpi_release (¶ms[i]);
if (result < 0)
{
gnutls_assert ();
return result;
}
return 0;
}
/* if hash==MD5 then we do RSA-MD5
* if hash==SHA then we do RSA-SHA
* params[0] is modulus
* params[1] is public key
*/
static int
pkcs1_rsa_sign (gnutls_digest_algorithm_t hash, const gnutls_datum_t * text,
bigint_t * params, int params_len, gnutls_datum_t * signature)
{
int ret;
opaque _digest[MAX_HASH_SIZE];
digest_hd_st hd;
gnutls_datum_t digest, info;
ret = _gnutls_hash_init (&hd, HASH2MAC (hash));
if (ret < 0)
{
gnutls_assert ();
return ret;
}
_gnutls_hash (&hd, text->data, text->size);
_gnutls_hash_deinit (&hd, _digest);
digest.data = _digest;
digest.size = _gnutls_hash_get_algo_len (HASH2MAC (hash));
/* Encode the digest as a DigestInfo
*/
if ((ret = encode_ber_digest_info (hash, &digest, &info)) != 0)
{
gnutls_assert ();
return ret;
}
if ((ret =
_gnutls_sign (GNUTLS_PK_RSA, params, params_len, &info,
signature)) < 0)
{
gnutls_assert ();
_gnutls_free_datum (&info);
return ret;
}
_gnutls_free_datum (&info);
return 0;
}
