From 8d50c82b43b34b70d19b0faaeab6b37f2eae066c Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Wed, 2 Nov 2016 15:05:46 -0400 Subject: Remove automatic self-testing of public and private keys Rarely expected and often causes performance problems, especially for private keys. Instead applications should call check_key explicitly to validate keys when necessary. Note this removal doesn't apply to tests like ECDH on-the-curve tests, where a check on the public key is required for security of our own key. Updates most APIs to remove RNG calls, where they are no longer required. Exception is PKCS8 interface, pending further work there (see GH #685) it just ignores the RNG argument now. --- src/lib/pubkey/pkcs8.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'src/lib/pubkey/pkcs8.h') diff --git a/src/lib/pubkey/pkcs8.h b/src/lib/pubkey/pkcs8.h index 9cc350285..34c687ec1 100644 --- a/src/lib/pubkey/pkcs8.h +++ b/src/lib/pubkey/pkcs8.h @@ -82,7 +82,7 @@ PEM_encode(const Private_Key& key, /** * Load an encrypted key from a data source. * @param source the data source providing the encoded key -* @param rng the rng to use +* @param rng ignored for compatability * @param get_passphrase a function that returns passphrases * @return loaded private key object */ @@ -92,7 +92,7 @@ BOTAN_DLL Private_Key* load_key(DataSource& source, /** Load an encrypted key from a data source. * @param source the data source providing the encoded key -* @param rng the rng to use +* @param rng ignored for compatability * @param pass the passphrase to decrypt the key * @return loaded private key object */ @@ -102,7 +102,7 @@ BOTAN_DLL Private_Key* load_key(DataSource& source, /** Load an unencrypted key from a data source. * @param source the data source providing the encoded key -* @param rng the rng to use +* @param rng ignored for compatability * @return loaded private key object */ BOTAN_DLL Private_Key* load_key(DataSource& source, @@ -112,7 +112,7 @@ BOTAN_DLL Private_Key* load_key(DataSource& source, /** * Load an encrypted key from a file. * @param filename the path to the file containing the encoded key -* @param rng the rng to use +* @param rng ignored for compatability * @param get_passphrase a function that returns passphrases * @return loaded private key object */ @@ -122,7 +122,7 @@ BOTAN_DLL Private_Key* load_key(const std::string& filename, /** Load an encrypted key from a file. * @param filename the path to the file containing the encoded key -* @param rng the rng to use +* @param rng ignored for compatability * @param pass the passphrase to decrypt the key * @return loaded private key object */ @@ -132,7 +132,7 @@ BOTAN_DLL Private_Key* load_key(const std::string& filename, /** Load an unencrypted key from a file. * @param filename the path to the file containing the encoded key -* @param rng the rng to use +* @param rng ignored for compatability * @return loaded private key object */ BOTAN_DLL Private_Key* load_key(const std::string& filename, @@ -142,7 +142,7 @@ BOTAN_DLL Private_Key* load_key(const std::string& filename, /** * Copy an existing encoded key object. * @param key the key to copy -* @param rng the rng to use +* @param rng ignored for compatability * @return new copy of the key */ BOTAN_DLL Private_Key* copy_key(const Private_Key& key, -- cgit v1.2.3