1 /*
2  * Copyright (C) 2000-2012 Free Software Foundation, Inc.
3  *
4  * Author: Nikos Mavrogiannopoulos
5  *
6  * This file is part of GnuTLS.
7  *
8  * The GnuTLS is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU Lesser General Public License
10  * as published by the Free Software Foundation; either version 2.1 of
11  * the License, or (at your option) any later version.
12  *
13  * This library is distributed in the hope that it will be useful, but
14  * WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16  * Lesser General Public License for more details.
17  *
18  * You should have received a copy of the GNU Lesser General Public License
19  * along with this program.  If not, see <https://www.gnu.org/licenses/>
20  *
21  */
22 
23 #ifndef GNUTLS_LIB_TLS_SIG_H
24 #define GNUTLS_LIB_TLS_SIG_H
25 
26 #include <gnutls/abstract.h>
27 
28 /* While this is currently equal to the length of RSA/SHA512
29  * signature, it should also be sufficient for DSS signature and any
30  * other RSA signatures including one with the old MD5/SHA1-combined
31  * format.
32  */
33 #define MAX_SIG_SIZE (19 + MAX_HASH_SIZE)
34 
35 int _gnutls_check_key_usage_for_sig(gnutls_session_t session, unsigned key_usage,
36 				    unsigned our_cert);
37 
38 int _gnutls_handshake_sign_crt_vrfy(gnutls_session_t session,
39 				    gnutls_pcert_st * cert,
40 				    gnutls_privkey_t pkey,
41 				    gnutls_datum_t * signature);
42 
43 int _gnutls_handshake_sign_data(gnutls_session_t session,
44 				gnutls_pcert_st * cert,
45 				gnutls_privkey_t pkey,
46 				gnutls_datum_t * params,
47 				gnutls_datum_t * signature,
48 				gnutls_sign_algorithm_t * algo);
49 
50 int _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
51 				      unsigned verify_flags,
52 				      gnutls_pcert_st * cert,
53 				      gnutls_datum_t * signature,
54 				      gnutls_sign_algorithm_t);
55 
56 int _gnutls_handshake_verify_data(gnutls_session_t session,
57 				  unsigned verify_flags,
58 				  gnutls_pcert_st * cert,
59 				  const gnutls_datum_t * params,
60 				  gnutls_datum_t * signature,
61 				  gnutls_sign_algorithm_t algo);
62 
63 #endif /* GNUTLS_LIB_TLS_SIG_H */
64