| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Verification is deterministic and public, so really no RNG is ever needed.
Change provider handling - accepts "base", "openssl", or empty, otherwise
throws a Provider_Not_Found exception.
|
| |
|
|
|
|
|
|
| |
Instead the key types exposes operations like `create_encryption_op`
which will return the relevant operation if the algorithm supports it.
Changes pubkey.h interface, now RNG is passed at init time.
Blinder previous created its own RNG, now it takes it from app.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds copyright notices for Juraj Somorovsky and Christian Mainka of Hackmanit
for the changes in 7c7fcecbe6a and 6d327f879c
Add Policy::check_peer_key_acceptable which lets the app set an arbitrary
callback for examining keys - both the end entity signature keys from
certificates and the peer PFS public keys. Default impl checks that the
algorithm size matches the min keylength. This centralizes this logic
and lets the application do interesting things.
Adds a policy for ECDSA group size checks.
Increases default policy minimums to 2048 RSA and 256 ECC.
(Maybe I'm an optimist after all.)
|
| |
|
|
| |
warnings.
|
| |
|
|
|
|
| |
Previously the signature hashes and algos info was used to set the v1.2
signature_algorithms extension, but if the counterparty ignored the
extension and sent something else, we wouldn't notice.
|
| |
|
|
| |
fix PVS-Studio perfomance warnings
|
| |
|
|
| |
Remove global PRNG.
|
| | |
|
| |
|
|
|
| |
Update license header line to specify the terms and refer to the file,
neither of which it included before.
|
| | |
|
| | |
|
| |
|
