r3112 - in trunk/libmcrypto: . m4 source/gnutls

Thu Jan 11 19:53:01 CET 2007

Author: mikma
Date: 2007-01-11 19:53:00 +0100 (Thu, 11 Jan 2007)
New Revision: 3112

Modified:
   trunk/libmcrypto/README
   trunk/libmcrypto/m4/libmcrypto.m4
   trunk/libmcrypto/source/gnutls/cert.cxx
Log:
* Make gtls_priv_key::sign_data compatible with corresponding OpenSSL method.
  Return 0 if sign buffer length is too small, and set it to the required
  length.

* All crypto methods except a couple are implemented in GNU TLS.
  certificate::envelope_data and certificate::devenlope_data are still
  unimplemented, but they are only used if onlineconf is enabled in
  libminisip.



Modified: trunk/libmcrypto/README
===================================================================

--- trunk/libmcrypto/README	2007-01-10 23:58:35 UTC (rev 3111)
+++ trunk/libmcrypto/README	2007-01-11 18:53:00 UTC (rev 3112)
@@ -6,8 +6,7 @@
 
 Requirements:
 	libmutil
-	OpenSSL v0.9.6+
-	GNUTLS	(optional, not yet supported)
+	OpenSSL v0.9.6+ or GNU TLS
 
 Installation:
    Please refer to the INSTALL file for installation instructions.

Modified: trunk/libmcrypto/m4/libmcrypto.m4
===================================================================
--- trunk/libmcrypto/m4/libmcrypto.m4	2007-01-10 23:58:35 UTC (rev 3111)
+++ trunk/libmcrypto/m4/libmcrypto.m4	2007-01-11 18:53:00 UTC (rev 3112)
@@ -88,7 +88,6 @@
 	],[])
 AC_CHECK_LIB([gnutls], [main],[
 		AC_CHECK_HEADER(gnutls/x509.h)
-		AC_MSG_NOTICE([Sorry, but gnutls support is not complete.])
 		GNUTLS_LIBS="-lgnutls"
 		AC_DEFINE([HAVE_GNUTLS], 1, [Define to 1 if you have gnutls.])
 		HAVE_GNUTLS=yes

Modified: trunk/libmcrypto/source/gnutls/cert.cxx
===================================================================
--- trunk/libmcrypto/source/gnutls/cert.cxx	2007-01-10 23:58:35 UTC (rev 3111)
+++ trunk/libmcrypto/source/gnutls/cert.cxx	2007-01-11 18:53:00 UTC (rev 3112)
@@ -557,7 +557,13 @@
 			&dataStruct,
 			sign, &length );
 
-	if( err < 0 ){
+	if( err == GNUTLS_E_SHORT_MEMORY_BUFFER ){
+		memset( sign, 0, *sign_length );
+		*sign_length = length;
+		return 0;
+	}
+	else if( err < 0 ){
+		cerr << "GNUTLS error " << gnutls_strerror( err ) << endl;
 		throw certificate_exception(
 			"Signature of data failed" );
 	}
@@ -1171,7 +1177,7 @@
 	data.data = NULL;
 
 	if( res < 0 ){
-		cerr << "Error " << res << endl;
+		cerr << "GNUTLS error " << gnutls_strerror( res ) << endl;
 		throw certificate_exception( "Can't load certificate file (2)" );
 // 		return NULL;
 	}

