From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 22 Oct 2015 11:04:32 +0000 (+0200)
Subject: doc: document the sign function requirements in gnutls_privkey_import_ext
X-Git-Tag: gnutls_3_5_0~615
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=238ea892e087e8b40a20e8f7e14898ed5ff708ed;p=thirdparty%2Fgnutls.git

doc: document the sign function requirements in gnutls_privkey_import_ext
---

diff --git a/lib/privkey.c b/lib/privkey.c
index 3ea880e472..90a6304796 100644
--- a/lib/privkey.c
+++ b/lib/privkey.c
@@ -533,6 +533,11 @@ gnutls_privkey_export_pkcs11(gnutls_privkey_t pkey,
  * #gnutls_privkey_t type. At least one of the two callbacks
  * must be non-null.
  *
+ * Note that the signing function is supposed to "raw" sign data, i.e.,
+ * without any hashing or preprocessing. In case of RSA the DigestInfo
+ * will be provided, and the signing function is expected to do the PKCS #1
+ * 1.5 padding and the exponentiation.
+ *
  * See also gnutls_privkey_import_ext3().
  *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a