aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/pubkey/pk_keys.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-3/+3
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Add Private_Key::private_key_info()René Korthaus2016-12-051-1/+14
| | | | | | | Adds new Private_Key::private_key_info() that returns a PKCS#8 PrivateKeyInfo structure. Renames the current Private_Key::pkcs8_private_key() to private_key_bits(). BER_encode() just invokes private_key_info().
* Add Public_Key::subject_public_key()René Korthaus2016-12-051-0/+10
| | | | | | | Adds new Public_Key::subject_public_key() that returns a X.509 SubjectPublicKey structure. Renames the current Public_Key::x509_subject_public_key() to public_key_bits(). BER_encode() just invokes subject_public_key().
* Expose pk_ops.h as public interface againJack Lloyd2016-12-041-1/+1
| | | | | | | | | | | | I was initially thinking of Botan as somewhat closed system, but @cordney has a legit use case of wanting to expose a TPM sign operation, but using their internal TPM library and TPM key type. This requires the API be exposed so the derivation can occur. Add a comment in the header explaining that the header is not for normal application use and directing them to pubkey.h This basically reverts 2747e8e23aec43162
* Remove automatic self-testing of public and private keysJack Lloyd2016-11-031-27/+0
| | | | | | | | | | | | | Rarely expected and often causes performance problems, especially for private keys. Instead applications should call check_key explicitly to validate keys when necessary. Note this removal doesn't apply to tests like ECDH on-the-curve tests, where a check on the public key is required for security of our own key. Updates most APIs to remove RNG calls, where they are no longer required. Exception is PKCS8 interface, pending further work there (see GH #685) it just ignores the RNG argument now.
* Make pk_ops.h internalJack Lloyd2016-10-081-1/+1
| | | | Some fixes for missing system_rng in ECIES and tests.
* Revert PK_Verifier change (don't require RNG there).Jack Lloyd2016-10-071-2/+1
| | | | | | | Verification is deterministic and public, so really no RNG is ever needed. Change provider handling - accepts "base", "openssl", or empty, otherwise throws a Provider_Not_Found exception.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-071-0/+57
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* 2nd review roundseu2016-10-021-0/+26
|
* V816 It is more efficient to catch exception by reference rather than by ↵Daniel Neus2016-02-081-1/+1
| | | | value. asn1_time.cpp 159
* Make Montgomery reduction constant time.Jack Lloyd2015-10-241-3/+3
| | | | | | | | | | | | | | It was already close, but the carry loop would break early and selecting which value to copy out was indexed on the borrow bit. Have the carry loop run through, and add a const-time conditional copy operation and use that to copy the output. Convert ct_utils to CT namespace. Templatize the utils, which I was hesitant to do initially but is pretty useful when dealing with arbitrary word sizes. Remove the poison macros, replace with inline funcs which reads cleaner at the call site.
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Move lib into srclloyd2014-01-101-0/+55
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-13 12:44:44 +0000