1 files changed, 6 insertions, 331 deletions
diff --git a/src/daemon/https/x509/x509_privkey.c b/src/daemon/https/x509/x509_privkey.c
index e01861b8..579ce664 100644
--- a/src/daemon/https/x509/x509_privkey.c
+++ b/src/daemon/https/x509/x509_privkey.c
@@ -39,8 +39,8 @@
 #include <dsa.h>
 #include <verify.h>
-static int MHD__gnutlsMHD__asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params);
+static int MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params);
-int MHD__gnutlsMHD__asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params);
+int MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params);
 /* remove this when libgcrypt can handle the PKCS #1 coefficients from
 * rsa keys
@@ -127,7 +127,7 @@ MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, MHD_gnutls_x509_priv
      switch (dst->pk_algorithm)
        {
        case MHD_GNUTLS_PK_RSA:
-          ret = MHD__gnutlsMHD__asn1_encode_rsa (&dst->key, dst->params);
+          ret = MHD__gnutls_asn1_encode_rsa (&dst->key, dst->params);
          if (ret < 0)
            {
              MHD_gnutls_assert ();
@@ -439,7 +439,7 @@ MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key,
  if (!key->crippled)
    {
-      ret = MHD__gnutlsMHD__asn1_encode_rsa (&key->key, key->params);
+      ret = MHD__gnutls_asn1_encode_rsa (&key->key, key->params);
      if (ret < 0)
        {
          MHD_gnutls_assert ();
@@ -481,7 +481,7 @@ MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key)
 /* Encodes the RSA parameters into an ASN.1 RSA private key structure.
 */
 static int
-MHD__gnutlsMHD__asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
+MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
 {
  int result, i;
  size_t size[8], total;
@@ -712,7 +712,7 @@ cleanup:MHD_gtls_mpi_release (&u);
 /* Encodes the DSA parameters into an ASN.1 DSAPrivateKey structure.
 */
 int
-MHD__gnutlsMHD__asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)
+MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)
 {
  int result, i;
  size_t size[DSA_PRIVATE_PARAMS], total;
@@ -823,328 +823,3 @@ cleanup:MHD__asn1_delete_structure (c2);
  return result;
 }
-/**
- * MHD_gnutls_x509_privkey_generate - This function will generate a private key
- * @key: should contain a MHD_gnutls_x509_privkey_t structure
- * @algo: is one of RSA or DSA.
- * @bits: the size of the modulus
- * @flags: unused for now. Must be 0.
- *
- * This function will generate a random private key. Note that
- * this function must be called on an empty private key.
- *
- * Returns 0 on success or a negative value on error.
- *
- **/
-int
-MHD_gnutls_x509_privkey_generate (MHD_gnutls_x509_privkey_t key,
-                              enum MHD_GNUTLS_PublicKeyAlgorithm algo,
-                              unsigned int bits, unsigned int flags)
-{
-  int ret, params_len;
-  int i;
-  if (key == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  switch (algo)
-    {
-    case MHD_GNUTLS_PK_RSA:
-      ret = MHD__gnutls_rsa_generate_params (key->params, &params_len, bits);
-      if (ret < 0)
-        {
-          MHD_gnutls_assert ();
-          return ret;
-        }
-      if (!key->crippled)
-        {
-          ret = MHD__gnutlsMHD__asn1_encode_rsa (&key->key, key->params);
-          if (ret < 0)
-            {
-              MHD_gnutls_assert ();
-              goto cleanup;
-            }
-        }
-      key->params_size = params_len;
-      key->pk_algorithm = MHD_GNUTLS_PK_RSA;
-      break;
-    default:
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  return 0;
-cleanup:key->pk_algorithm = MHD_GNUTLS_PK_UNKNOWN;
-  key->params_size = 0;
-  for (i = 0; i < params_len; i++)
-    MHD_gtls_mpi_release (&key->params[i]);
-  return ret;
-}
-/**
- * MHD_gnutls_x509_privkey_get_key_id - Return unique ID of the key's parameters
- * @key: Holds the key
- * @flags: should be 0 for now
- * @output_data: will contain the key ID
- * @output_data_size: holds the size of output_data (and will be
- *   replaced by the actual size of parameters)
- *
- * This function will return a unique ID the depends on the public key
- * parameters. This ID can be used in checking whether a certificate
- * corresponds to the given key.
- *
- * If the buffer provided is not long enough to hold the output, then
- * *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
- * be returned.  The output will normally be a SHA-1 hash output,
- * which is 20 bytes.
- *
- * Return value: In case of failure a negative value will be
- *   returned, and 0 on success.
- *
- **/
-int
-MHD_gnutls_x509_privkey_get_key_id (MHD_gnutls_x509_privkey_t key,
-                                unsigned int flags,
-                                unsigned char *output_data,
-                                size_t * output_data_size)
-{
-  int result;
-  GNUTLS_HASH_HANDLE hd;
-  MHD_gnutls_datum_t der = { NULL,
-    0
-  };
-  if (key == NULL || key->crippled)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  if (*output_data_size < 20)
-    {
-      MHD_gnutls_assert ();
-      *output_data_size = 20;
-      return GNUTLS_E_SHORT_MEMORY_BUFFER;
-    }
-  if (key->pk_algorithm == MHD_GNUTLS_PK_RSA)
-    {
-      result = MHD__gnutls_x509_write_rsa_params (key->params, key->params_size,
-                                              &der);
-      if (result < 0)
-        {
-          MHD_gnutls_assert ();
-          goto cleanup;
-        }
-    }
-  else
-    return GNUTLS_E_INTERNAL_ERROR;
-  hd = MHD_gtls_hash_init (MHD_GNUTLS_MAC_SHA1);
-  if (hd == GNUTLS_HASH_FAILED)
-    {
-      MHD_gnutls_assert ();
-      result = GNUTLS_E_INTERNAL_ERROR;
-      goto cleanup;
-    }
-  MHD_gnutls_hash (hd, der.data, der.size);
-  MHD_gnutls_hash_deinit (hd, output_data);
-  *output_data_size = 20;
-  result = 0;
-cleanup:
-  MHD__gnutls_free_datum (&der);
-  return result;
-}
-#ifdef ENABLE_PKI
-/**
- * MHD_gnutls_x509_privkey_sign_data - This function will sign the given data using the private key params
- * @key: Holds the key
- * @digest: should be MD5 or SHA1
- * @flags: should be 0 for now
- * @data: holds the data to be signed
- * @signature: will contain the signature
- * @signature_size: holds the size of signature (and will be replaced
- *   by the new size)
- *
- * This function will sign the given data using a signature algorithm
- * supported by the private key. Signature algorithms are always used
- * together with a hash functions.  Different hash functions may be
- * used for the RSA algorithm, but only SHA-1 for the DSA keys.
- *
- * If the buffer provided is not long enough to hold the output, then
- * *signature_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
- * be returned.
- *
- * In case of failure a negative value will be returned, and
- * 0 on success.
- *
- **/
-int
-MHD_gnutls_x509_privkey_sign_data (MHD_gnutls_x509_privkey_t key,
-                               enum MHD_GNUTLS_HashAlgorithm digest,
-                               unsigned int flags,
-                               const MHD_gnutls_datum_t * data,
-                               void *signature, size_t * signature_size)
-{
-  int result;
-  MHD_gnutls_datum_t sig = { NULL, 0 };
-  if (key == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  result = MHD__gnutls_x509_sign (data, digest, key, &sig);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-  if (*signature_size < sig.size)
-    {
-      *signature_size = sig.size;
-      MHD__gnutls_free_datum (&sig);
-      return GNUTLS_E_SHORT_MEMORY_BUFFER;
-    }
-  *signature_size = sig.size;
-  memcpy (signature, sig.data, sig.size);
-  MHD__gnutls_free_datum (&sig);
-  return 0;
-}
-/**
- * MHD_gnutls_x509_privkey_sign_hash - This function will sign the given data using the private key params
- * @key: Holds the key
- * @hash: holds the data to be signed
- * @signature: will contain newly allocated signature
- *
- * This function will sign the given hash using the private key.
- *
- * Return value: In case of failure a negative value will be returned,
- * and 0 on success.
- **/
-int
-MHD_gnutls_x509_privkey_sign_hash (MHD_gnutls_x509_privkey_t key,
-                               const MHD_gnutls_datum_t * hash,
-                               MHD_gnutls_datum_t * signature)
-{
-  int result;
-  if (key == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  result = MHD_gtls_sign (key->pk_algorithm, key->params,
-                          key->params_size, hash, signature);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-  return 0;
-}
-/**
- * MHD_gnutls_x509_privkey_verify_data - This function will verify the given signed data.
- * @key: Holds the key
- * @flags: should be 0 for now
- * @data: holds the data to be signed
- * @signature: contains the signature
- *
- * This function will verify the given signed data, using the parameters in the
- * private key.
- *
- * In case of a verification failure 0 is returned, and
- * 1 on success.
- *
- **/
-int
-MHD_gnutls_x509_privkey_verify_data (MHD_gnutls_x509_privkey_t key,
-                                 unsigned int flags,
-                                 const MHD_gnutls_datum_t * data,
-                                 const MHD_gnutls_datum_t * signature)
-{
-  int result;
-  if (key == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  result = MHD__gnutls_x509_privkey_verify_signature (data, signature, key);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return 0;
-    }
-  return result;
-}
-/**
- * MHD_gnutls_x509_privkey_fix - This function will recalculate some parameters of the key.
- * @key: Holds the key
- *
- * This function will recalculate the secondary parameters in a key.
- * In RSA keys, this can be the coefficient and exponent1,2.
- *
- * Return value: In case of failure a negative value will be
- *   returned, and 0 on success.
- *
- **/
-int
-MHD_gnutls_x509_privkey_fix (MHD_gnutls_x509_privkey_t key)
-{
-  int ret;
-  if (key == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  if (!key->crippled)
-    MHD__asn1_delete_structure (&key->key);
-  switch (key->pk_algorithm)
-    {
-    case MHD_GNUTLS_PK_RSA:
-      ret = MHD__gnutlsMHD__asn1_encode_rsa (&key->key, key->params);
-      if (ret < 0)
-        {
-          MHD_gnutls_assert ();
-          return ret;
-        }
-      break;
-    default:
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  return 0;
-}
-#endif

diff --git a/src/daemon/https/x509/x509_privkey.c b/src/daemon/https/x509/x509_privkey.c index e01861b8..579ce664 100644 --- a/src/daemon/https/x509/x509_privkey.c +++ b/src/daemon/https/x509/x509_privkey.c
@@ -39,8 +39,8 @@
39	#include <dsa.h>	39	#include <dsa.h>
40	#include <verify.h>	40	#include <verify.h>
41		41
42	static int MHD__gnutlsMHD__asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params);	42	static int MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params);
43	int MHD__gnutlsMHD__asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params);	43	int MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params);
44		44
45	/* remove this when libgcrypt can handle the PKCS #1 coefficients from	45	/* remove this when libgcrypt can handle the PKCS #1 coefficients from
46	* rsa keys	46	* rsa keys
@@ -127,7 +127,7 @@ MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, MHD_gnutls_x509_priv
127	switch (dst->pk_algorithm)	127	switch (dst->pk_algorithm)
128	{	128	{
129	case MHD_GNUTLS_PK_RSA:	129	case MHD_GNUTLS_PK_RSA:
130	ret = MHD__gnutlsMHD__asn1_encode_rsa (&dst->key, dst->params);	130	ret = MHD__gnutls_asn1_encode_rsa (&dst->key, dst->params);
131	if (ret < 0)	131	if (ret < 0)
132	{	132	{
133	MHD_gnutls_assert ();	133	MHD_gnutls_assert ();
@@ -439,7 +439,7 @@ MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key,
439		439
440	if (!key->crippled)	440	if (!key->crippled)
441	{	441	{
442	ret = MHD__gnutlsMHD__asn1_encode_rsa (&key->key, key->params);	442	ret = MHD__gnutls_asn1_encode_rsa (&key->key, key->params);
443	if (ret < 0)	443	if (ret < 0)
444	{	444	{
445	MHD_gnutls_assert ();	445	MHD_gnutls_assert ();
@@ -481,7 +481,7 @@ MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key)
481	/* Encodes the RSA parameters into an ASN.1 RSA private key structure.	481	/* Encodes the RSA parameters into an ASN.1 RSA private key structure.
482	*/	482	*/
483	static int	483	static int
484	MHD__gnutlsMHD__asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)	484	MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
485	{	485	{
486	int result, i;	486	int result, i;
487	size_t size[8], total;	487	size_t size[8], total;
@@ -712,7 +712,7 @@ cleanup:MHD_gtls_mpi_release (&u);
712	/* Encodes the DSA parameters into an ASN.1 DSAPrivateKey structure.	712	/* Encodes the DSA parameters into an ASN.1 DSAPrivateKey structure.
713	*/	713	*/
714	int	714	int
715	MHD__gnutlsMHD__asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)	715	MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)
716	{	716	{
717	int result, i;	717	int result, i;
718	size_t size[DSA_PRIVATE_PARAMS], total;	718	size_t size[DSA_PRIVATE_PARAMS], total;
@@ -823,328 +823,3 @@ cleanup:MHD__asn1_delete_structure (c2);
823	return result;	823	return result;
824	}	824	}
825		825
826	/**
827	* MHD_gnutls_x509_privkey_generate - This function will generate a private key
828	* @key: should contain a MHD_gnutls_x509_privkey_t structure
829	* @algo: is one of RSA or DSA.
830	* @bits: the size of the modulus
831	* @flags: unused for now. Must be 0.
832	*
833	* This function will generate a random private key. Note that
834	* this function must be called on an empty private key.
835	*
836	* Returns 0 on success or a negative value on error.
837	*
838	**/
839	int
840	MHD_gnutls_x509_privkey_generate (MHD_gnutls_x509_privkey_t key,
841	enum MHD_GNUTLS_PublicKeyAlgorithm algo,
842	unsigned int bits, unsigned int flags)
843	{
844	int ret, params_len;
845	int i;
846
847	if (key == NULL)
848	{
849	MHD_gnutls_assert ();
850	return GNUTLS_E_INVALID_REQUEST;
851	}
852
853	switch (algo)
854	{
855	case MHD_GNUTLS_PK_RSA:
856	ret = MHD__gnutls_rsa_generate_params (key->params, &params_len, bits);
857	if (ret < 0)
858	{
859	MHD_gnutls_assert ();
860	return ret;
861	}
862
863	if (!key->crippled)
864	{
865	ret = MHD__gnutlsMHD__asn1_encode_rsa (&key->key, key->params);
866	if (ret < 0)
867	{
868	MHD_gnutls_assert ();
869	goto cleanup;
870	}
871	}
872
873	key->params_size = params_len;
874	key->pk_algorithm = MHD_GNUTLS_PK_RSA;
875
876	break;
877	default:
878	MHD_gnutls_assert ();
879	return GNUTLS_E_INVALID_REQUEST;
880	}
881
882	return 0;
883
884	cleanup:key->pk_algorithm = MHD_GNUTLS_PK_UNKNOWN;
885	key->params_size = 0;
886	for (i = 0; i < params_len; i++)
887	MHD_gtls_mpi_release (&key->params[i]);
888
889	return ret;
890	}
891
892	/**
893	* MHD_gnutls_x509_privkey_get_key_id - Return unique ID of the key's parameters
894	* @key: Holds the key
895	* @flags: should be 0 for now
896	* @output_data: will contain the key ID
897	* @output_data_size: holds the size of output_data (and will be
898	* replaced by the actual size of parameters)
899	*
900	* This function will return a unique ID the depends on the public key
901	* parameters. This ID can be used in checking whether a certificate
902	* corresponds to the given key.
903	*
904	* If the buffer provided is not long enough to hold the output, then
905	* *output_data_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
906	* be returned. The output will normally be a SHA-1 hash output,
907	* which is 20 bytes.
908	*
909	* Return value: In case of failure a negative value will be
910	* returned, and 0 on success.
911	*
912	**/
913	int
914	MHD_gnutls_x509_privkey_get_key_id (MHD_gnutls_x509_privkey_t key,
915	unsigned int flags,
916	unsigned char *output_data,
917	size_t * output_data_size)
918	{
919	int result;
920	GNUTLS_HASH_HANDLE hd;
921	MHD_gnutls_datum_t der = { NULL,
922	0
923	};
924
925	if (key == NULL \|\| key->crippled)
926	{
927	MHD_gnutls_assert ();
928	return GNUTLS_E_INVALID_REQUEST;
929	}
930
931	if (*output_data_size < 20)
932	{
933	MHD_gnutls_assert ();
934	*output_data_size = 20;
935	return GNUTLS_E_SHORT_MEMORY_BUFFER;
936	}
937
938	if (key->pk_algorithm == MHD_GNUTLS_PK_RSA)
939	{
940	result = MHD__gnutls_x509_write_rsa_params (key->params, key->params_size,
941	&der);
942	if (result < 0)
943	{
944	MHD_gnutls_assert ();
945	goto cleanup;
946	}
947	}
948	else
949	return GNUTLS_E_INTERNAL_ERROR;
950
951	hd = MHD_gtls_hash_init (MHD_GNUTLS_MAC_SHA1);
952	if (hd == GNUTLS_HASH_FAILED)
953	{
954	MHD_gnutls_assert ();
955	result = GNUTLS_E_INTERNAL_ERROR;
956	goto cleanup;
957	}
958
959	MHD_gnutls_hash (hd, der.data, der.size);
960
961	MHD_gnutls_hash_deinit (hd, output_data);
962	*output_data_size = 20;
963
964	result = 0;
965
966	cleanup:
967
968	MHD__gnutls_free_datum (&der);
969	return result;
970	}
971
972	#ifdef ENABLE_PKI
973
974	/**
975	* MHD_gnutls_x509_privkey_sign_data - This function will sign the given data using the private key params
976	* @key: Holds the key
977	* @digest: should be MD5 or SHA1
978	* @flags: should be 0 for now
979	* @data: holds the data to be signed
980	* @signature: will contain the signature
981	* @signature_size: holds the size of signature (and will be replaced
982	* by the new size)
983	*
984	* This function will sign the given data using a signature algorithm
985	* supported by the private key. Signature algorithms are always used
986	* together with a hash functions. Different hash functions may be
987	* used for the RSA algorithm, but only SHA-1 for the DSA keys.
988	*
989	* If the buffer provided is not long enough to hold the output, then
990	* *signature_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will
991	* be returned.
992	*
993	* In case of failure a negative value will be returned, and
994	* 0 on success.
995	*
996	**/
997	int
998	MHD_gnutls_x509_privkey_sign_data (MHD_gnutls_x509_privkey_t key,
999	enum MHD_GNUTLS_HashAlgorithm digest,
1000	unsigned int flags,
1001	const MHD_gnutls_datum_t * data,
1002	void signature, size_t signature_size)
1003	{
1004	int result;
1005	MHD_gnutls_datum_t sig = { NULL, 0 };
1006
1007	if (key == NULL)
1008	{
1009	MHD_gnutls_assert ();
1010	return GNUTLS_E_INVALID_REQUEST;
1011	}
1012
1013	result = MHD__gnutls_x509_sign (data, digest, key, &sig);
1014	if (result < 0)
1015	{
1016	MHD_gnutls_assert ();
1017	return result;
1018	}
1019
1020	if (*signature_size < sig.size)
1021	{
1022	*signature_size = sig.size;
1023	MHD__gnutls_free_datum (&sig);
1024	return GNUTLS_E_SHORT_MEMORY_BUFFER;
1025	}
1026
1027	*signature_size = sig.size;
1028	memcpy (signature, sig.data, sig.size);
1029
1030	MHD__gnutls_free_datum (&sig);
1031
1032	return 0;
1033	}
1034
1035	/**
1036	* MHD_gnutls_x509_privkey_sign_hash - This function will sign the given data using the private key params
1037	* @key: Holds the key
1038	* @hash: holds the data to be signed
1039	* @signature: will contain newly allocated signature
1040	*
1041	* This function will sign the given hash using the private key.
1042	*
1043	* Return value: In case of failure a negative value will be returned,
1044	* and 0 on success.
1045	**/
1046	int
1047	MHD_gnutls_x509_privkey_sign_hash (MHD_gnutls_x509_privkey_t key,
1048	const MHD_gnutls_datum_t * hash,
1049	MHD_gnutls_datum_t * signature)
1050	{
1051	int result;
1052
1053	if (key == NULL)
1054	{
1055	MHD_gnutls_assert ();
1056	return GNUTLS_E_INVALID_REQUEST;
1057	}
1058
1059	result = MHD_gtls_sign (key->pk_algorithm, key->params,
1060	key->params_size, hash, signature);
1061	if (result < 0)
1062	{
1063	MHD_gnutls_assert ();
1064	return result;
1065	}
1066
1067	return 0;
1068	}
1069
1070	/**
1071	* MHD_gnutls_x509_privkey_verify_data - This function will verify the given signed data.
1072	* @key: Holds the key
1073	* @flags: should be 0 for now
1074	* @data: holds the data to be signed
1075	* @signature: contains the signature
1076	*
1077	* This function will verify the given signed data, using the parameters in the
1078	* private key.
1079	*
1080	* In case of a verification failure 0 is returned, and
1081	* 1 on success.
1082	*
1083	**/
1084	int
1085	MHD_gnutls_x509_privkey_verify_data (MHD_gnutls_x509_privkey_t key,
1086	unsigned int flags,
1087	const MHD_gnutls_datum_t * data,
1088	const MHD_gnutls_datum_t * signature)
1089	{
1090	int result;
1091
1092	if (key == NULL)
1093	{
1094	MHD_gnutls_assert ();
1095	return GNUTLS_E_INVALID_REQUEST;
1096	}
1097
1098	result = MHD__gnutls_x509_privkey_verify_signature (data, signature, key);
1099	if (result < 0)
1100	{
1101	MHD_gnutls_assert ();
1102	return 0;
1103	}
1104
1105	return result;
1106	}
1107
1108	/**
1109	* MHD_gnutls_x509_privkey_fix - This function will recalculate some parameters of the key.
1110	* @key: Holds the key
1111	*
1112	* This function will recalculate the secondary parameters in a key.
1113	* In RSA keys, this can be the coefficient and exponent1,2.
1114	*
1115	* Return value: In case of failure a negative value will be
1116	* returned, and 0 on success.
1117	*
1118	**/
1119	int
1120	MHD_gnutls_x509_privkey_fix (MHD_gnutls_x509_privkey_t key)
1121	{
1122	int ret;
1123
1124	if (key == NULL)
1125	{
1126	MHD_gnutls_assert ();
1127	return GNUTLS_E_INVALID_REQUEST;
1128	}
1129
1130	if (!key->crippled)
1131	MHD__asn1_delete_structure (&key->key);
1132	switch (key->pk_algorithm)
1133	{
1134	case MHD_GNUTLS_PK_RSA:
1135	ret = MHD__gnutlsMHD__asn1_encode_rsa (&key->key, key->params);
1136	if (ret < 0)
1137	{
1138	MHD_gnutls_assert ();
1139	return ret;
1140	}
1141	break;
1142	default:
1143	MHD_gnutls_assert ();
1144	return GNUTLS_E_INVALID_REQUEST;
1145	}
1146
1147	return 0;
1148	}
1149
1150	#endif