RSA sign/verify and hash generation functions
Murray S. Kucherawy
msk at cloudmark.com
Sun Jan 16 23:19:04 CET 2011
> -----Original Message-----
> From: Nikos Mavrogiannopoulos [mailto:n.mavrogiannopoulos at gmail.com] On Behalf Of Nikos Mavrogiannopoulos
> Sent: Saturday, January 15, 2011 10:46 AM
> To: Murray S. Kucherawy
> Cc: help-gnutls at gnu.org
> Subject: Re: RSA sign/verify and hash generation functions
> You can use gnutls_privkey_sign_hash2() instead of
> gnutls_x509_privkey_sign_hash2(). There shouldn't be any side-effects.
OK, I'll try that next week.
> For verification you could use gnutls_pubkey_verify_data/hash.
Already doing that.
> You can use the gnutls_x509_ interface to import/export from a
> file/buffer and then use the gnutls_privkey_ interface to import
> from that and access operations. In a language like C++ it would
> be easier to express that a gnutls_x509_privkey_t is also a
> gnutls_privkey_t, but in C it causes that inconvenience.
Yep, that's what I'm doing now. The gnutls_x509_*() calls are only to import a private key in PEM/DER format, and to get the key size out, and to sign a hash (though I'll try the non-x509 interface next week). Everything else is gnutls_privkey_*() or gnutls_pubkey_*() already. Does that sound right?
More information about the Gnutls-help