chiark / gitweb /
sig: Move hashing into algorithm
I think it should be up to the pk algorithm to decide on the hash
function, at least in the usual case. When we have key rollover and
proper enrolment, a public key declaration by a site should specify
precisely the validation algorithm including the hash function.
For `rsa' we can't do that because in theory people might have bound
the `hash' config key to something unusual. So provide a way for that
to work. The approach is to have site.c (the only caller of the sig
closures) find out whether to do the `hash' config key lookup by
seeing whether the pk algorithm wants it.
Then we can move all the hash-related machinations into rsa.c. (A
future pk algorithm can do this a lot more simply by calling the
appropriate hash functions directly.)
An effect is to move the allocation of the hash result buffer from
per-packet to initialisation (!)
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>