diff options
-rw-r--r-- | doc/todo.rst | 5 | ||||
-rw-r--r-- | src/lib/ffi/ffi.cpp | 15 | ||||
-rw-r--r-- | src/lib/ffi/ffi.h | 7 | ||||
-rw-r--r-- | src/tests/test_ffi.cpp | 3 |
4 files changed, 28 insertions, 2 deletions
diff --git a/doc/todo.rst b/doc/todo.rst index 22b5cbb8a..b3ad697e8 100644 --- a/doc/todo.rst +++ b/doc/todo.rst @@ -119,7 +119,10 @@ Compat Headers FFI and Bindings ---------------------------------------- -* Expose certificates +* Expose BigInt +* Expose compression +* Expose a raw block cipher interface +* Expose more of X.509 (CRLs, OCSP, cert signing, etc) * Expose TLS * Write a CLI or HTTPS client in Python diff --git a/src/lib/ffi/ffi.cpp b/src/lib/ffi/ffi.cpp index 00d1433b1..9c5b837fb 100644 --- a/src/lib/ffi/ffi.cpp +++ b/src/lib/ffi/ffi.cpp @@ -954,6 +954,21 @@ int botan_pubkey_algo_name(botan_pubkey_t key, char out[], size_t* out_len) return BOTAN_FFI_DO(Botan::Public_Key, key, k, { return write_str_output(out, out_len, k.algo_name()); }); } +int botan_pubkey_check_key(botan_pubkey_t key, botan_rng_t rng, uint32_t flags) + { + const bool strong = (flags & BOTAN_CHECK_KEY_EXPENSIVE_TESTS); + + return BOTAN_FFI_DO(Botan::Public_Key, key, k, + { return (k.check_key(safe_get(rng), strong) == true) ? 0 : 1; }); + } + +int botan_privkey_check_key(botan_privkey_t key, botan_rng_t rng, uint32_t flags) + { + const bool strong = (flags & BOTAN_CHECK_KEY_EXPENSIVE_TESTS); + return BOTAN_FFI_DO(Botan::Private_Key, key, k, + { return (k.check_key(safe_get(rng), strong) == true) ? 0 : 1; }); + } + int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t* out_len, uint32_t flags) { return BOTAN_FFI_DO(Botan::Public_Key, key, k, { diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h index 264c3d24d..8ac9f3c82 100644 --- a/src/lib/ffi/ffi.h +++ b/src/lib/ffi/ffi.h @@ -473,12 +473,15 @@ BOTAN_DLL int botan_privkey_create(botan_privkey_t* key, const char* algo_params, botan_rng_t rng); +#define BOTAN_CHECK_KEY_EXPENSIVE_TESTS 1 + +BOTAN_DLL int botan_privkey_check_key(botan_privkey_t key, botan_rng_t rng, uint32_t flags); + BOTAN_DLL int botan_privkey_create_rsa(botan_privkey_t* key, botan_rng_t rng, size_t n_bits); BOTAN_DLL int botan_privkey_create_ecdsa(botan_privkey_t* key, botan_rng_t rng, const char* params); BOTAN_DLL int botan_privkey_create_ecdh(botan_privkey_t* key, botan_rng_t rng, const char* params); BOTAN_DLL int botan_privkey_create_mceliece(botan_privkey_t* key, botan_rng_t rng, size_t n, size_t t); - /* * Input currently assumed to be PKCS #8 structure; * Set password to NULL to indicate no encryption expected @@ -523,6 +526,8 @@ BOTAN_DLL int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t* out BOTAN_DLL int botan_pubkey_algo_name(botan_pubkey_t key, char out[], size_t* out_len); +BOTAN_DLL int botan_pubkey_check_key(botan_pubkey_t key, botan_rng_t rng, uint32_t flags); + BOTAN_DLL int botan_pubkey_estimated_strength(botan_pubkey_t key, size_t* estimate); BOTAN_DLL int botan_pubkey_fingerprint(botan_pubkey_t key, const char* hash, diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index 3e272d9cb..9c314c5ff 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -485,8 +485,11 @@ class FFI_Unit_Tests : public Test botan_privkey_t priv; if(TEST_FFI_OK(botan_privkey_create_rsa, (&priv, rng, 1024))) { + TEST_FFI_OK(botan_privkey_check_key, (priv, rng, 0)); + botan_pubkey_t pub; TEST_FFI_OK(botan_privkey_export_pubkey, (&pub, priv)); + TEST_FFI_OK(botan_pubkey_check_key, (pub, rng, 0)); ffi_test_pubkey_export(result, pub, priv, rng); |