commit ee73179b2f3bd61e1b8c18962badd9ad1e2d374e
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Sep 11 22:48:40 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Thu Sep 12 11:57:00 2013 +0200
tree 7cc07ab55f2563b74c86157833945a0f01905f0f
parent 8053da40579c6ce3933bdfa6515d6ef4f98b6c7a

Adapt x509write_csr prototypes for PK

include/polarssl/x509write.h

diff --git a/include/polarssl/x509write.h b/include/polarssl/x509write.h
index 661acf6..5e0d82a 100644
--- a/include/polarssl/x509write.h
+++ b/include/polarssl/x509write.h
@@ -121,13 +121,13 @@
 int x509write_csr_set_subject_name( x509write_csr *ctx, char *subject_name );
 
 /**
- * \brief           Set the RSA key for a CSR (public key will be included,
+ * \brief           Set the key for a CSR (public key will be included,
  *                  private key used to sign the CSR when writing it)
  *
  * \param ctx       CSR context to use
- * \param rsa       RSA key to include
+ * \param key       Asymetric key to include
  */
-void x509write_csr_set_rsa_key( x509write_csr *ctx, rsa_context *rsa );
+void x509write_csr_set_key( x509write_csr *ctx, pk_context *key );
 
 /**
  * \brief           Set the MD algorithm to use for the signature
@@ -419,11 +419,20 @@
  * \param rsa       CSR to write away
  * \param buf       buffer to write to
  * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
  *
  * \return          length of data written if successful, or a specific
  *                  error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for countermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size );
+int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng );
 
 #if defined(POLARSSL_BASE64_C)
 /**
@@ -466,10 +475,19 @@
  * \param rsa       CSR to write away
  * \param buf       buffer to write to
  * \param size      size of the buffer
+ * \param f_rng     RNG function (for signature, see note)
+ * \param p_rng     RNG parameter
  *
  * \return          0 successful, or a specific error code
+ *
+ * \note            f_rng may be NULL if RSA is used for signature and the
+ *                  signature is made offline (otherwise f_rng is desirable
+ *                  for couermeasures against timing attacks).
+ *                  ECDSA signatures always require a non-NULL f_rng.
  */
-int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size );
+int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
+                       int (*f_rng)(void *, unsigned char *, size_t),
+                       void *p_rng );
 #endif /* POLARSSL_BASE64_C */
 
 #ifdef __cplusplus