From f81444bd57095cf8ff8e76b50f662aad0757f574 Mon Sep 17 00:00:00 2001
From: Andreas Schneider
Date: Sun, 7 Aug 2011 18:22:19 +0200
Subject: pki: Add pki_do_sign().
---
 src/pki_gcrypt.c | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
(limited to 'src/pki_gcrypt.c')
diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c
index 30448c2..9c6cd67 100644
--- a/src/pki_gcrypt.c
+++ b/src/pki_gcrypt.c
@@ -856,6 +856,49 @@ fail:
 return NULL;
 }

+struct signature_struct *pki_do_sign(ssh_key privatekey,
+ const unsigned char *hash) {
+ struct signature_struct *sign;
+ gcry_sexp_t gcryhash;
+
+ sign = malloc(sizeof(SIGNATURE));
+ if (sign == NULL) {
+ return NULL;
+ }
+ sign->type = privatekey->type;
+
+ switch(privatekey->type) {
+ case SSH_KEYTYPE_DSS:
+ if (gcry_sexp_build(&gcryhash, NULL, "%b", SHA_DIGEST_LEN + 1, hash) ||
+ gcry_pk_sign(&sign->dsa_sign, gcryhash, privatekey->dsa)) {
+ gcry_sexp_release(gcryhash);
+ signature_free(sign);
+ return NULL;
+ }
+ sign->rsa_sign = NULL;
+ break;
+ case SSH_KEYTYPE_RSA:
+ case SSH_KEYTYPE_RSA1:
+ if (gcry_sexp_build(&gcryhash, NULL, "(data(flags pkcs1)(hash sha1 %b))",
+ SHA_DIGEST_LEN, hash + 1) ||
+ gcry_pk_sign(&sign->rsa_sign, gcryhash, privatekey->rsa)) {
+ gcry_sexp_release(gcryhash);
+ signature_free(sign);
+ return NULL;
+ }
+ sign->dsa_sign = NULL;
+ break;
+ case SSH_KEYTYPE_ECDSA:
+ case SSH_KEYTYPE_UNKNOWN:
+ signature_free(sign);
+ return NULL;
+ }
+
+ gcry_sexp_release(gcryhash);
+
+ return sign;
+}
+
 #endif /* HAVE_LIBGCRYPT */

 /**
-- 
cgit
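Review bot: The failure paths in pki_do_sign() hand uninitialised state to the cleanup calls. `sign` comes from `malloc`, so `dsa_sign`/`rsa_sign` are indeterminate when `signature_free(sign)` runs after a failed `gcry_sexp_build()`/`gcry_pk_sign()` or in the `SSH_KEYTYPE_ECDSA`/`SSH_KEYTYPE_UNKNOWN` branch, and `gcryhash` is passed to `gcry_sexp_release()` even though a failed build may not have set it. signature_free() is outside this hunk, so whether it releases those members should be confirmed, but zeroing both up front removes the risk either way: `sign = calloc(1, sizeof(*sign));` and `gcry_sexp_t gcryhash = NULL;`. The switch also has no `default:`, so a key type outside the listed values would reach `gcry_sexp_release(gcryhash)` with an unset handle and return a signature with unset members; a `default:` that frees `sign` and returns NULL closes that. A short comment on the `hash` contract would help as well, since the DSS branch reads `SHA_DIGEST_LEN + 1` bytes starting at `hash` while the RSA branch skips the first byte, so callers must supply a buffer with one leading byte before the digest.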