private-key: Add optional parameters argument to sign() method

author: Tobias Brunner <tobias@strongswan.org> 2017-09-19 17:26:58 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2017-11-08 16:48:10 +0100
commit: de280c2e031730dc3c2ddcc291b1db5ee61a97d9 (patch)
tree: 18b731fb0ec7c7066ed519501e293c36891f28b3 /src
parent: a413571f3bd9c94db02d8a3c026e87d57f5d120a (diff)
download: strongswan-de280c2e031730dc3c2ddcc291b1db5ee61a97d9.tar.bz2
strongswan-de280c2e031730dc3c2ddcc291b1db5ee61a97d9.tar.xz
28 files changed, 49 insertions, 49 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_private_key.c b/src/charon-tkm/src/tkm/tkm_private_key.c
index db57ec1c7..02351b61c 100644
--- a/src/charon-tkm/src/tkm/tkm_private_key.c
+++ b/src/charon-tkm/src/tkm/tkm_private_key.c
@@ -58,7 +58,7 @@ METHOD(private_key_t, get_type, key_type_t,
 }
 
 METHOD(private_key_t, sign, bool,
-	private_tkm_private_key_t *this, signature_scheme_t scheme,
+	private_tkm_private_key_t *this, signature_scheme_t scheme, void *params,
 	chunk_t data, chunk_t *signature)
 {
 	signature_type sig;
diff --git a/src/conftest/hooks/pretend_auth.c b/src/conftest/hooks/pretend_auth.c
index d80196ed6..4be6f45db 100644
--- a/src/conftest/hooks/pretend_auth.c
+++ b/src/conftest/hooks/pretend_auth.c
@@ -244,7 +244,7 @@ static bool build_auth(private_pretend_auth_t *this,
 		private->destroy(private);
 		return FALSE;
 	}
-	if (!private->sign(private, scheme, octets, &auth_data))
+	if (!private->sign(private, scheme, NULL, octets, &auth_data))
 	{
 		chunk_free(&octets);
 		private->destroy(private);
diff --git a/src/conftest/hooks/rebuild_auth.c b/src/conftest/hooks/rebuild_auth.c
index b2df278a5..bc20292a1 100644
--- a/src/conftest/hooks/rebuild_auth.c
+++ b/src/conftest/hooks/rebuild_auth.c
@@ -143,7 +143,7 @@ static bool rebuild_auth(private_rebuild_auth_t *this, ike_sa_t *ike_sa,
 		id->destroy(id);
 		return FALSE;
 	}
-	if (!private->sign(private, scheme, octets, &auth_data))
+	if (!private->sign(private, scheme, NULL, octets, &auth_data))
 	{
 		chunk_free(&octets);
 		private->destroy(private);
diff --git a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c
index d1f1bcb4e..4e49c2e4d 100644
--- a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c
+++ b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c
@@ -53,7 +53,7 @@ struct private_private_key_t {
 };
 
 METHOD(private_key_t, sign, bool,
-	private_private_key_t *this, signature_scheme_t scheme,
+	private_private_key_t *this, signature_scheme_t scheme, void *params,
 	chunk_t data, chunk_t *signature)
 {
 	JNIEnv *env;
diff --git a/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c b/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c
index 8e048c82a..41be15a08 100644
--- a/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c
+++ b/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c
@@ -110,7 +110,7 @@ METHOD(authenticator_t, build, status_t,
 	}
 	free(dh.ptr);
 
-	if (private->sign(private, scheme, hash, &sig))
+	if (private->sign(private, scheme, NULL, hash, &sig))
 	{
 		sig_payload = hash_payload_create(PLV1_SIGNATURE);
 		sig_payload->set_hash(sig_payload, sig);
diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
index e47abc72d..befdfe387 100644
--- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
@@ -222,7 +222,7 @@ static status_t sign_signature_auth(private_pubkey_authenticator_t *this,
 		while (enumerator->enumerate(enumerator, &schemep))
 		{
 			scheme = *schemep;
-			if (private->sign(private, scheme, octets, auth_data) &&
+			if (private->sign(private, scheme, NULL, octets, auth_data) &&
 				build_signature_auth_data(auth_data, scheme))
 			{
 				status = SUCCESS;
@@ -318,7 +318,7 @@ static status_t sign_classic(private_pubkey_authenticator_t *this,
 	}
 
 	if (get_auth_octets_scheme(this, FALSE, id, &octets, &scheme) &&
-		private->sign(private, scheme, octets, auth_data))
+		private->sign(private, scheme, NULL, octets, auth_data))
 	{
 		status = SUCCESS;
 	}
diff --git a/src/libstrongswan/credentials/keys/private_key.h b/src/libstrongswan/credentials/keys/private_key.h
index b9f7dad55..d7cfdd74d 100644
--- a/src/libstrongswan/credentials/keys/private_key.h
+++ b/src/libstrongswan/credentials/keys/private_key.h
@@ -1,6 +1,7 @@
 /*
+ * Copyright (C) 2017 Tobias Brunner
  * Copyright (C) 2007 Martin Willi
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -42,11 +43,12 @@ struct private_key_t {
 	 * Create a signature over a chunk of data.
 	 *
 	 * @param scheme	signature scheme to use
+	 * @param params	optional parameters required by the specified scheme
 	 * @param data		chunk of data to sign
 	 * @param signature	where to allocate created signature
 	 * @return			TRUE if signature created
 	 */
-	bool (*sign)(private_key_t *this, signature_scheme_t scheme,
+	bool (*sign)(private_key_t *this, signature_scheme_t scheme, void *params,
 				 chunk_t data, chunk_t *signature);
 	/**
 	 * Decrypt a chunk of data.
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index bb55c45c0..cf2c5ea85 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -233,7 +233,7 @@ static bool scheme_supported(private_agent_private_key_t *this,
 }
 
 METHOD(private_key_t, sign, bool,
-	private_agent_private_key_t *this, signature_scheme_t scheme,
+	private_agent_private_key_t *this, signature_scheme_t scheme, void *params,
 	chunk_t data, chunk_t *signature)
 {
 	uint32_t len, flags;
diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.c b/src/libstrongswan/plugins/bliss/bliss_private_key.c
index 25253ed37..964edcd93 100644
--- a/src/libstrongswan/plugins/bliss/bliss_private_key.c
+++ b/src/libstrongswan/plugins/bliss/bliss_private_key.c
@@ -512,7 +512,7 @@ end:
 }
 
 METHOD(private_key_t, sign, bool,
-	private_bliss_private_key_t *this, signature_scheme_t scheme,
+	private_bliss_private_key_t *this, signature_scheme_t scheme, void *params,
 	chunk_t data, chunk_t *signature)
 {
 	switch (scheme)
diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
index dc50115f3..908ea910d 100644
--- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
+++ b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
@@ -118,7 +118,7 @@ START_TEST(test_bliss_sign_all)
 		/* generate and verify 1000 BLISS signatures */
 		while (verify_count--)
 		{
-			ck_assert(privkey->sign(privkey, signature_scheme, msg,
+			ck_assert(privkey->sign(privkey, signature_scheme, NULL, msg,
 									&signature));
 			ck_assert(pubkey->verify(pubkey, signature_scheme, NULL, msg,
 									 signature));
@@ -172,11 +172,11 @@ START_TEST(test_bliss_sign_fail)
 	ck_assert(!privkey->decrypt(privkey, ENCRYPT_UNKNOWN, chunk_empty, NULL));
 
 	/* sign with invalid signature scheme */
-	ck_assert(!privkey->sign(privkey, SIGN_UNKNOWN, msg, &signature));
+	ck_assert(!privkey->sign(privkey, SIGN_UNKNOWN, NULL, msg, &signature));
 
 	/* generate valid signature */
 	msg = chunk_from_str("Hello Dolly!");
-	ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA2_512, msg, &signature));
+	ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA2_512, NULL, msg, &signature));
 
 	/* verify with invalid signature scheme */
 	ck_assert(!pubkey->verify(pubkey, SIGN_UNKNOWN, NULL, msg, signature));
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_private_key.c b/src/libstrongswan/plugins/curve25519/curve25519_private_key.c
index 2a7303c4b..878be4ca5 100644
--- a/src/libstrongswan/plugins/curve25519/curve25519_private_key.c
+++ b/src/libstrongswan/plugins/curve25519/curve25519_private_key.c
@@ -63,7 +63,7 @@ METHOD(private_key_t, get_type, key_type_t,
 
 METHOD(private_key_t, sign, bool,
 	private_curve25519_private_key_t *this, signature_scheme_t scheme,
-	chunk_t data, chunk_t *signature)
+	void *params, chunk_t data, chunk_t *signature)
 {
 	uint8_t r[HASH_SIZE_SHA512], k[HASH_SIZE_SHA512], sig[HASH_SIZE_SHA512];
 	hasher_t *hasher;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index 15b876b3f..71bc4c902 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -200,7 +200,7 @@ METHOD(private_key_t, get_type, key_type_t,
 
 METHOD(private_key_t, sign, bool,
 	private_gcrypt_rsa_private_key_t *this, signature_scheme_t scheme,
-	chunk_t data, chunk_t *sig)
+	void *params, chunk_t data, chunk_t *sig)
 {
 	switch (scheme)
 	{
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 21b420866..ae376b9d0 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -341,7 +341,7 @@ METHOD(private_key_t, get_type, key_type_t,
 
 METHOD(private_key_t, sign, bool,
 	private_gmp_rsa_private_key_t *this, signature_scheme_t scheme,
-	chunk_t data, chunk_t *signature)
+	void *params, chunk_t data, chunk_t *signature)
 {
 	switch (scheme)
 	{
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
index d187c06ed..364190758 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@@ -151,7 +151,7 @@ static bool build_der_signature(private_openssl_ec_private_key_t *this,
 
 METHOD(private_key_t, sign, bool,
 	private_openssl_ec_private_key_t *this, signature_scheme_t scheme,
-	chunk_t data, chunk_t *signature)
+	void *params, chunk_t data, chunk_t *signature)
 {
 	switch (scheme)
 	{
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index fd624e6a3..f2c320f55 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -149,7 +149,7 @@ METHOD(private_key_t, get_type, key_type_t,
 
 METHOD(private_key_t, sign, bool,
 	private_openssl_rsa_private_key_t *this, signature_scheme_t scheme,
-	chunk_t data, chunk_t *signature)
+	void *params, chunk_t data, chunk_t *signature)
 {
 	switch (scheme)
 	{
diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c
index fe0be45d9..e8f5c5ddf 100644
--- a/src/libstrongswan/plugins/pgp/pgp_builder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_builder.c
@@ -116,21 +116,17 @@ static private_key_t *parse_rsa_private_key(chunk_t blob)
 						BUILD_END);
 }
 
-/**
- * Implementation of private_key_t.sign for encryption-only keys
- */
-static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme,
-							 chunk_t data, chunk_t *signature)
+METHOD(private_key_t, sign_not_allowed, bool,
+	private_key_t *this, signature_scheme_t scheme, void *params,
+	chunk_t data, chunk_t *signature)
 {
 	DBG1(DBG_LIB, "signing failed - decryption only key");
 	return FALSE;
 }
 
-/**
- * Implementation of private_key_t.decrypt for signature-only keys
- */
-static bool decrypt_not_allowed(private_key_t *this, encryption_scheme_t scheme,
-								chunk_t crypto, chunk_t *plain)
+METHOD(private_key_t, decrypt_not_allowed, bool,
+	private_key_t *this, encryption_scheme_t scheme,
+	chunk_t crypto, chunk_t *plain)
 {
 	DBG1(DBG_LIB, "decryption failed - signature only key");
 	return FALSE;
@@ -186,7 +182,7 @@ static private_key_t *parse_private_key(chunk_t blob)
 									  BUILD_BLOB_PGP, packet, BUILD_END);
 			if (key)
 			{
-				key->sign = sign_not_allowed;
+				key->sign = _sign_not_allowed;
 			}
 			return key;
 		case PGP_PUBKEY_ALG_RSA_SIGN_ONLY:
@@ -194,7 +190,7 @@ static private_key_t *parse_private_key(chunk_t blob)
 									  BUILD_BLOB_PGP, packet, BUILD_END);
 			if (key)
 			{
-				key->decrypt = decrypt_not_allowed;
+				key->decrypt = _decrypt_not_allowed;
 			}
 			return key;
 		case PGP_PUBKEY_ALG_ECDSA:
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
index 1d1016911..6158f6d25 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
@@ -243,7 +243,7 @@ static bool reauth(private_pkcs11_private_key_t *this,
 }
 
 METHOD(private_key_t, sign, bool,
-	private_pkcs11_private_key_t *this, signature_scheme_t scheme,
+	private_pkcs11_private_key_t *this, signature_scheme_t scheme, void *params,
 	chunk_t data, chunk_t *signature)
 {
 	CK_MECHANISM_PTR mechanism;
diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
index 4d822a4f7..9b6d3a808 100644
--- a/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_signed_data.c
@@ -564,7 +564,7 @@ static bool generate(private_pkcs7_signed_data_t *this, private_key_t *key,
 
 	attributes = pkcs9->get_encoding(pkcs9);
 
-	if (!key->sign(key, scheme, attributes, &encryptedDigest))
+	if (!key->sign(key, scheme, NULL, attributes, &encryptedDigest))
 	{
 		free(data.ptr);
 		return FALSE;
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index a01b27049..2a1ef638b 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -763,7 +763,7 @@ static bool build_ac(private_x509_ac_t *this)
 	chunk_t signatureValue, attributeCertificateInfo;
 
 	attributeCertificateInfo = build_attr_cert_info(this);
-	if (!this->signerKey->sign(this->signerKey, SIGN_RSA_EMSA_PKCS1_SHA1,
+	if (!this->signerKey->sign(this->signerKey, SIGN_RSA_EMSA_PKCS1_SHA1, NULL,
 							   attributeCertificateInfo, &signatureValue))
 	{
 		free(attributeCertificateInfo.ptr);
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index c626859ae..6d2fb9de7 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -2562,7 +2562,8 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
 		subject->get_encoding(subject),
 		key_info, extensions);
 
-	if (!sign_key->sign(sign_key, scheme, cert->tbsCertificate, &cert->signature))
+	if (!sign_key->sign(sign_key, scheme, NULL, cert->tbsCertificate,
+						&cert->signature))
 	{
 		return FALSE;
 	}
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index 5896aa205..8ea70252f 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -787,7 +787,7 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
 							asn1_wrap(ASN1_SEQUENCE, "m", certList),
 							extensions);
 
-	if (!key->sign(key, signature_scheme_from_oid(this->algorithm),
+	if (!key->sign(key, signature_scheme_from_oid(this->algorithm), NULL,
 				   this->tbsCertList, &this->signature))
 	{
 		return FALSE;
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
index aef76af32..de2ad9878 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
@@ -276,7 +276,7 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
 			return chunk_empty;
 	}
 
-	if (!this->key->sign(this->key, scheme, tbsRequest, &signature))
+	if (!this->key->sign(this->key, scheme, NULL, tbsRequest, &signature))
 	{
 		DBG1(DBG_LIB, "creating OCSP signature failed, skipped");
 		return chunk_empty;
diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c
index 545554172..beeb436ab 100644
--- a/src/libstrongswan/plugins/x509/x509_pkcs10.c
+++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c
@@ -584,7 +584,7 @@ static bool generate(private_x509_pkcs10_t *cert, private_key_t *sign_key,
 							key_info,
 							attributes);
 
-	if (!sign_key->sign(sign_key, scheme, cert->certificationRequestInfo,
+	if (!sign_key->sign(sign_key, scheme, NULL, cert->certificationRequestInfo,
 						&cert->signature))
 	{
 		return FALSE;
diff --git a/src/libstrongswan/tests/suites/test_ecdsa.c b/src/libstrongswan/tests/suites/test_ecdsa.c
index d30d87ecf..6edae81ae 100644
--- a/src/libstrongswan/tests/suites/test_ecdsa.c
+++ b/src/libstrongswan/tests/suites/test_ecdsa.c
@@ -57,7 +57,7 @@ static void test_good_sig(private_key_t *privkey, public_key_t *pubkey)
 		{
 			continue;
 		}
-		fail_unless(privkey->sign(privkey, schemes[i].scheme, data, &sig),
+		fail_unless(privkey->sign(privkey, schemes[i].scheme, NULL, data, &sig),
 					"sign %N", signature_scheme_names, schemes[i].scheme);
 		fail_unless(pubkey->verify(pubkey, schemes[i].scheme, NULL, data, sig),
 					"verify %N", signature_scheme_names, schemes[i].scheme);
diff --git a/src/libstrongswan/tests/suites/test_ed25519.c b/src/libstrongswan/tests/suites/test_ed25519.c
index 6fbec126d..86cbb1bc0 100644
--- a/src/libstrongswan/tests/suites/test_ed25519.c
+++ b/src/libstrongswan/tests/suites/test_ed25519.c
@@ -297,7 +297,7 @@ START_TEST(test_ed25519_sign)
 	ck_assert(public->equals(public, pubkey));
 
 	/* sign */
-	ck_assert(key->sign(key, SIGN_ED25519, sig_tests[_i].msg, &sig));
+	ck_assert(key->sign(key, SIGN_ED25519, NULL, sig_tests[_i].msg, &sig));
 	ck_assert(sig.len == 64);
 	ck_assert(chunk_equals(sig, sig_tests[_i].sig));
 
@@ -340,10 +340,10 @@ START_TEST(test_ed25519_gen)
 	ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, msg, NULL));
 
 	/* wrong signature scheme */
-	ck_assert(!key->sign(key, SIGN_ED448, msg, &sig));
+	ck_assert(!key->sign(key, SIGN_ED448, NULL, msg, &sig));
 
 	/* correct signature scheme*/
-	ck_assert(key->sign(key, SIGN_ED25519, msg, &sig));
+	ck_assert(key->sign(key, SIGN_ED25519, NULL, msg, &sig));
 
 	/* export public key */
 	pubkey = key->get_public_key(key);
@@ -404,7 +404,7 @@ START_TEST(test_ed25519_speed)
 		key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ED25519,
 								 BUILD_KEY_SIZE, 256, BUILD_END);
 		ck_assert(key != NULL);
-		ck_assert(key->sign(key, SIGN_ED25519, msg, &sig));
+		ck_assert(key->sign(key, SIGN_ED25519, NULL, msg, &sig));
 		pubkey = key->get_public_key(key);
 		ck_assert(pubkey != NULL);
 		ck_assert(pubkey->verify(pubkey, SIGN_ED25519, NULL, msg, sig));
diff --git a/src/libstrongswan/tests/suites/test_rsa.c b/src/libstrongswan/tests/suites/test_rsa.c
index a1559802d..07a731068 100644
--- a/src/libstrongswan/tests/suites/test_rsa.c
+++ b/src/libstrongswan/tests/suites/test_rsa.c
@@ -47,7 +47,7 @@ static void test_good_sig(private_key_t *privkey, public_key_t *pubkey)
 		{
 			continue;
 		}
-		fail_unless(privkey->sign(privkey, schemes[i], data, &sig),
+		fail_unless(privkey->sign(privkey, schemes[i], NULL, data, &sig),
 					"sign %N", signature_scheme_names, schemes[i]);
 		fail_unless(pubkey->verify(pubkey, schemes[i], NULL, data, sig),
 					"verify %N", signature_scheme_names, schemes[i]);
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index 29af5d978..7f7742e88 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1428,7 +1428,7 @@ METHOD(tls_crypto_t, sign, bool,
 			{
 				scheme = hashsig_to_scheme(key->get_type(key), hash, alg);
 				if (scheme != SIGN_UNKNOWN &&
-					key->sign(key, scheme, data, &sig))
+					key->sign(key, scheme, NULL, data, &sig))
 				{
 					done = TRUE;
 					break;
@@ -1460,7 +1460,8 @@ METHOD(tls_crypto_t, sign, bool,
 				{
 					return FALSE;
 				}
-				done = key->sign(key, SIGN_RSA_EMSA_PKCS1_NULL, hash, &sig);
+				done = key->sign(key, SIGN_RSA_EMSA_PKCS1_NULL, NULL, hash,
+								 &sig);
 				free(hash.ptr);
 				if (!done)
 				{
@@ -1469,7 +1470,7 @@ METHOD(tls_crypto_t, sign, bool,
 				DBG2(DBG_TLS, "created signature with MD5+SHA1/RSA");
 				break;
 			case KEY_ECDSA:
-				if (!key->sign(key, SIGN_ECDSA_WITH_SHA1_DER, data, &sig))
+				if (!key->sign(key, SIGN_ECDSA_WITH_SHA1_DER, NULL, data, &sig))
 				{
 					return FALSE;
 				}
diff --git a/src/libtpmtss/plugins/tpm/tpm_private_key.c b/src/libtpmtss/plugins/tpm/tpm_private_key.c
index bd5a8baeb..0df5ee94c 100644
--- a/src/libtpmtss/plugins/tpm/tpm_private_key.c
+++ b/src/libtpmtss/plugins/tpm/tpm_private_key.c
@@ -76,7 +76,7 @@ METHOD(private_key_t, get_keysize, int,
 }
 
 METHOD(private_key_t, sign, bool,
-	private_tpm_private_key_t *this, signature_scheme_t scheme,
+	private_tpm_private_key_t *this, signature_scheme_t scheme, void *params,
 	chunk_t data, chunk_t *signature)
 {
 	chunk_t pin = chunk_empty;
@@ -191,7 +191,7 @@ tpm_private_key_t *tpm_private_key_connect(key_type_t type, va_list args)
 	if (!tpm)
 	{
 		DBG1(DBG_LIB, "no TPM 2.0 found");
-		return NULL;	
+		return NULL;
 	}
 
 	INIT(this,
author	Tobias Brunner <tobias@strongswan.org>	2017-09-19 17:26:58 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2017-11-08 16:48:10 +0100
commit	de280c2e031730dc3c2ddcc291b1db5ee61a97d9 (patch)
tree	18b731fb0ec7c7066ed519501e293c36891f28b3 /src
parent	a413571f3bd9c94db02d8a3c026e87d57f5d120a (diff)
download	strongswan-de280c2e031730dc3c2ddcc291b1db5ee61a97d9.tar.bz2 strongswan-de280c2e031730dc3c2ddcc291b1db5ee61a97d9.tar.xz