| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
|
|
| |
An issue in #1936 indicated that X509_DN operator< was not
behaving correctly. Indeed, DNs could compare in such a way
that DN1 < DN2 && DN2 < DN1. STL containers do not like this.
|
|
|
|
|
| |
A few older APIs use as_string where everywhere else uses to_string.
Add to_string's where missing, and deprecate X::as_string.
|
| |
|
| |
|
|
|
|
| |
Reduces size of oid_maps object file by a ~16K
|
|
|
|
|
|
| |
This was removed in 62e55f484a7a03e2532875696eb2479a577878e9 in favor of
a faster and smaller lookup. The ability is however required if we want
to use custom curves at runtime.
|
| |
|
|
|
|
| |
certificates
|
|
|
|
| |
Signed-off-by: Fabian Weissberg <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
Thanks to @noloader for pointing me at draft-jivsov-openpgp-sha3-01
which has the correct values.
Adds a test so this can't happen again.
|
| |
|
|
|
|
|
|
| |
From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
This is a contribution from Ribose Inc (@riboseinc).
|
| |
|
|
|
|
| |
This work was sponsored by Ribose Inc
|
| |
|
|
|
|
| |
[ci skip]
|
|
|
|
| |
Add some try/catch blocks to the X.509 tests, and use create_private_key API
|
|
|
|
|
| |
Also CCM OIDS, and SHA-384/SHA-512 DSA OIDs. All from NIST:
http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[1] XMSS: Extended Hash-Based Signatures,
draft-itrf-cfrg-xmss-hash-based-signatures-06
Release: July 2016.
https://datatracker.ietf.org/doc/
draft-irtf-cfrg-xmss-hash-based-signatures/?include_text=1
Provides XMSS_PublicKey and XMSS_PrivateKey classes as well as implementations
for the Botan interfaces PK_Ops::Signature and PK_Ops::Verification. XMSS has
been integrated into the Botan test bench, signature generation and verification
can be tested independently by invoking "botan-test xmss_sign" and
"botan-test xmss_verify"
- Some headers that are not required to be exposed to users of the library have
to be declared as public in `info.txt`. Declaring those headers private will
cause the amalgamation build to fail. The following headers have been
declared public inside `info.txt`, even though they are only intended for
internal use:
* atomic.h
* xmss_hash.h
* xmss_index_registry.h
* xmss_address.h
* xmss_common_ops.h
* xmss_tools.h
* xmss_wots_parameters.h
* xmss_wots_privatekey.h
* xmss_wots_publickey.h
- XMSS_Verification_Operation Requires the "randomness" parameter out of the
XMSS signature. "Randomness" is part of the prefix that is hashed *before*
the message. Since the signature is unknown till sign() is called, all
message content has to be buffered. For large messages this can be
inconvenient or impossible.
**Possible solution**: Change PK_Ops::Verification interface to take
the signature as constructor argument, and provide a setter method to be able
to update reuse the instance on multiple signatures. Make sign a parameterless
member call. This solution requires interface changes in botan.
**Suggested workaround** for signing large messages is to not sign the message
itself, but to precompute the message hash manually using Botan::HashFunctio
and sign the message hash instead of the message itself.
- Some of the available test vectors for the XMSS signature verification have
been commented out in order to reduce testbench runtime.
|
| |
|
|
|
|
|
|
| |
One additional, application-specific curve can be added
at compile time, using the new
configure.py --house-curve=curve.pem,funky311,1.2.3.4,FEFF.
|
|
OID map is now generated from an input file on an as needed basis.
Just uses a sequence of ifs - simple, fast, and small code size.
Merges oid_lookup sub-module which was already required by asn1 anyway,
so completely non-optional.
Removes @neusdan's nice OID tests since without any runtime adds the
tests are moot.
|