Here is an additional patch, to expose the type of key that should be used for a signature.
On Thu, Sep 11, 2014 at 10:59 AM, Fedor Indutny via RT <r...@openssl.org> wrote:
> Hello devs!
>
> Here is a patch that implements asynchronous RSA key operation
> mode for a TLS/SSL implementation in OpenSSL.
>
> Here is some technical info about it:
>
> Support async RSA exchange by providing new SSL_want_rsa_sign(),
> SSL_want_rsa_decrypt() API methods.
>
> After getting such want values - SSL_supply_key_ex_data() should be
> invoked to continue handshake with a sign/decrypt data that was received
> from the remote server.
> ---
> ssl/s3_srvr.c | 398 ++++++++++++++++++++++++++++++++++++++++-----------------
> ssl/ssl.h | 28 ++++
> ssl/ssl3.h | 6 +
> ssl/ssl_lib.c | 31 ++++-
> ssl/ssl_locl.h | 2 +
> ssl/ssl_rsa.c | 24 ++--
> ssl/ssltest.c | 116 ++++++++++++++++-
> test/testssl | 6 +
> 8 files changed, 475 insertions(+), 136 deletions(-)

0002-ssl-support-non-RSA-key-signatures-in-key-ex.patch
Description: Binary data
0002-ssl-support-non-RSA-key-signatures-in-key-ex.patch.sig
Description: Binary data