Virgil Security Crypto library
2.6.3
|
This class handles information about Virgil Security key pair. More...
#include <VirgilKeyPair.h>
Public Types | |
enum | Type { Type::RSA_256, Type::RSA_512, Type::RSA_1024, Type::RSA_2048, Type::RSA_3072, Type::RSA_4096, Type::RSA_8192, Type::EC_SECP192R1, Type::EC_SECP224R1, Type::EC_SECP256R1, Type::EC_SECP384R1, Type::EC_SECP521R1, Type::EC_BP256R1, Type::EC_BP384R1, Type::EC_BP512R1, Type::EC_SECP192K1, Type::EC_SECP224K1, Type::EC_SECP256K1, Type::EC_CURVE25519, Type::FAST_EC_X25519, Type::FAST_EC_ED25519 } |
Specific key algorithm type. More... | |
using | Algorithm = Type |
Key algorithm. | |
Public Member Functions | |
VirgilKeyPair (const VirgilByteArray &publicKey, const VirgilByteArray &privateKey) | |
Initialize key pair with given public and private key. | |
VirgilByteArray | publicKey () const |
Provide access to the public key. | |
VirgilByteArray | privateKey () const |
Provide access to the private key. | |
Static Public Member Functions | |
static VirgilKeyPair | generate (VirgilKeyPair::Type type, const VirgilByteArray &pwd=VirgilByteArray()) |
Generate new key pair given type. More... | |
static VirgilKeyPair | generateRecommended (const VirgilByteArray &pwd=VirgilByteArray()) |
Generate new key pair with recommended most safe type. More... | |
static VirgilKeyPair | generateFrom (const VirgilKeyPair &donorKeyPair, const VirgilByteArray &donorPrivateKeyPassword=VirgilByteArray(), const VirgilByteArray &newKeyPairPassword=VirgilByteArray()) |
Generate new key pair of the same type based on the donor key pair. More... | |
static VirgilKeyPair | generateFromKeyMaterial (VirgilKeyPair::Type type, const VirgilByteArray &keyMaterial, const VirgilByteArray &pwd=VirgilByteArray()) |
Generates private and public keys from the given key material. More... | |
static VirgilKeyPair | generateRecommendedFromKeyMaterial (const VirgilByteArray &keyMaterial, const VirgilByteArray &pwd=VirgilByteArray()) |
Generates recommended private and public keys from the given key material. More... | |
Keys validation | |
static bool | isKeyPairMatch (const VirgilByteArray &publicKey, const VirgilByteArray &privateKey, const VirgilByteArray &privateKeyPassword=VirgilByteArray()) |
Check if a public-private pair of keys matches. More... | |
static bool | checkPrivateKeyPassword (const VirgilByteArray &key, const VirgilByteArray &pwd) |
Check if given private key and it's password matches. More... | |
static bool | isPrivateKeyEncrypted (const VirgilByteArray &privateKey) |
Check if given private key is encrypted. More... | |
Keys | |
static VirgilByteArray | resetPrivateKeyPassword (const VirgilByteArray &privateKey, const VirgilByteArray &oldPassword, const VirgilByteArray &newPassword) |
Reset password for the given private key. More... | |
static VirgilByteArray | encryptPrivateKey (const VirgilByteArray &privateKey, const VirgilByteArray &privateKeyPassword) |
Return encrypted private key in PKCS#8 format. More... | |
static VirgilByteArray | decryptPrivateKey (const VirgilByteArray &privateKey, const VirgilByteArray &privateKeyPassword) |
Return plain (non encrypted) private key. More... | |
static VirgilByteArray | extractPublicKey (const VirgilByteArray &privateKey, const VirgilByteArray &privateKeyPassword) |
Extract public key from the private key. More... | |
static VirgilByteArray | publicKeyToPEM (const VirgilByteArray &publicKey) |
Convert given public key to the PEM format. More... | |
static VirgilByteArray | publicKeyToDER (const VirgilByteArray &publicKey) |
Convert given public key to the DER format. More... | |
static VirgilByteArray | privateKeyToPEM (const VirgilByteArray &privateKey, const VirgilByteArray &privateKeyPassword=VirgilByteArray()) |
Convert given private key to the PEM format. More... | |
static VirgilByteArray | privateKeyToDER (const VirgilByteArray &privateKey, const VirgilByteArray &privateKeyPassword=VirgilByteArray()) |
Convert given private key to the DER format. More... | |
This class handles information about Virgil Security key pair.
|
strong |
Specific key algorithm type.
Key Algorithm | Description | Notes |
---|---|---|
RSA_256 | RSA 1024 bit | weak, not recommended |
RSA_512 | RSA 1024 bit | weak, not recommended |
RSA_1024 | RSA 1024 bit | weak, not recommended |
RSA_2048 | RSA 2048 bit | weak, not recommended |
RSA_3072 | RSA 3072 bit | |
RSA_4096 | RSA 4096 bit | |
RSA_8192 | RSA 8192 bit | |
EC_SECP192R1 | 192-bits NIST curve | |
EC_SECP224R1 | 224-bits NIST curve | |
EC_SECP256R1 | 256-bits NIST curve | |
EC_SECP384R1 | 384-bits NIST curve | |
EC_SECP521R1 | 521-bits NIST curve | |
EC_BP256R1 | 256-bits Brainpool curve | |
EC_BP384R1 | 384-bits Brainpool curve | |
EC_BP512R1 | 512-bits Brainpool curve | |
EC_SECP192K1 | 192-bits "Koblitz" curve | |
EC_SECP224K1 | 224-bits "Koblitz" curve | |
EC_SECP256K1 | 256-bits "Koblitz" curve | |
EC_CURVE25519 | Curve25519 (deprecated format) | deprecated |
FAST_EC_X25519 | Curve25519 | only encrypt / decrypt |
FAST_EC_ED25519 | Ed25519 | recommended, default |
|
static |
Check if given private key and it's password matches.
key | - private key in DER or PEM format. |
pwd | - private key password. |
|
static |
Return plain (non encrypted) private key.
Decrypt the given private key and return result.
privateKey | - Encrypted Private Key. |
privateKeyPassword | - current Private Key password. |
VirgilCryptoException,with | VirgilCryptoError::InvalidPrivateKeyPassword if password is wrong. |
VirgilCryptoException,with | VirgilCryptoError::InvalidFormat if key has invalid format. |
|
static |
Return encrypted private key in PKCS#8 format.
Encrypt the given private key and return result.
privateKey | - Private Key in the plain text. |
privateKeyPassword | - new Private Key password. |
VirgilCryptoException,with | VirgilCryptoError::InvalidArgument if key is empty. |
VirgilCryptoException,with | VirgilCryptoError::InvalidPrivateKeyPassword if key is already encrypted. |
VirgilCryptoException,with | VirgilCryptoError::InvalidFormat if key has invalid format. |
|
static |
Extract public key from the private key.
privateKey | - Private Key. |
privateKeyPassword | - Private Key password. |
|
static |
Generate new key pair given type.
type | - private key type to be generated. |
pwd | - private key password. |
|
static |
Generate new key pair of the same type based on the donor key pair.
donorKeyPair | - public key or private key is used to determine the new key pair type. |
donorPrivateKeyPassword | - donor private key password, optional if public key is defined. |
newKeyPairPassword | - private key password of the new key pair. |
|
static |
Generates private and public keys from the given key material.
This is a deterministic key generation algorithm that allows create private key from any secret data, i.e. password.
type | - private key type to be generated. |
keyMaterial | - the only data to be used for key generation, must be strong enough. |
pwd | - private key password. |
|
static |
Generate new key pair with recommended most safe type.
pwd | - private key password. |
|
static |
Generates recommended private and public keys from the given key material.
This is a deterministic key generation algorithm that allows create private key from any secret data, i.e. password.
keyMaterial | - the only data to be used for key generation, must be strong enough. |
pwd | - private key password. |
VirgilCryptoException | with VirgilCryptoError::NotSecure, if Key Material is weak. |
|
static |
Check if a public-private pair of keys matches.
publicKey | - public key in DER or PEM format. |
privateKey | - private key in DER or PEM format. |
privateKeyPassword | - private key password if exists. |
|
static |
Check if given private key is encrypted.
privateKey | - private key in DER or PEM format. |
|
static |
Convert given private key to the DER format.
privateKey | - Private Key to be converted. |
privateKeyPassword | - password for the Private Key. |
VirgilCryptoException,with | VirgilCryptoError::InvalidPrivateKeyPassword if password is wrong. |
VirgilCryptoException,with | VirgilCryptoError::InvalidFormat if key has invalid format. |
|
static |
Convert given private key to the PEM format.
privateKey | - Private Key to be converted. |
privateKeyPassword | - password for the Private Key. |
VirgilCryptoException,with | VirgilCryptoError::InvalidPrivateKeyPassword if password is wrong. |
VirgilCryptoException,with | VirgilCryptoError::InvalidFormat if key has invalid format. |
|
static |
Convert given public key to the DER format.
publicKey | - Public Key to be converted. |
VirgilCryptoException,with | VirgilCryptoError::InvalidFormat if key has invalid format. |
|
static |
Convert given public key to the PEM format.
publicKey | - Public Key to be converted. |
VirgilCryptoException,with | VirgilCryptoError::InvalidFormat if key has invalid format. |
|
static |
Reset password for the given private key.
Re-encrypt given Private Key with a new password.
privateKey | - Private Key that is encrypted with old password. |
oldPassword | - current Private Key password. |
newPassword | - new Private Key password. |