Contents¶
- Getting Started
- Project Goals
- Support Information
- Building The Library
- Configuring the Build
- Common Build Targets
- Cross Compiling
- On Unix
- On macOS
- On Windows
- Ninja Support
- For iOS using XCode
- For Android
- Emscripten (WebAssembly)
- Supporting Older Distros
- Other Build-Related Tasks
- Building Applications
- Language Wrappers
- Minimized Builds
- Configure Script Options
--cpu=CPU--os=OS--cc=COMPILER--cc-min-version=MAJOR.MINOR--cc-bin=BINARY--cc-abi-flags=FLAGS--cxxflags=FLAGS--extra-cxxflags=FLAGS--ldflags=FLAGS--ar-command=AR--ar-options=AR_OPTIONS--msvc-runtime=RT--compiler-cache--with-os-features=FEAT--without-os-features=FEAT--enable-experimental-features--disable-experimental-features--enable-deprecated-features--disable-deprecated-features--disable-neon--system-cert-bundle=PATH--with-debug-info--with-sanitizers--enable-sanitizers=SAN--without-stack-protector--enable-stack-scrubbing--with-coverage-info--disable-shared-library--disable-static-library--optimize-for-size--no-optimizations--debug-mode--amalgamation--name-amalgamation--with-build-dir=DIR--with-external-includedir=DIR--with-external-libdir=DIR--define-build-macro--with-sysroot-dir=DIR--link-method=METHOD--with-local-config=FILE--distribution-info=STRING--maintainer-mode--werror-mode--no-install-python-module--with-python-versions=N.M--with-valgrind--unsafe-fuzzer-mode--build-fuzzers=TYPE--with-fuzzer-lib=LIB--build-targets=BUILD_TARGETS--without-documentation--with-sphinx--with-pdf--with-rst2man--with-doxygen--module-policy=POL--enable-modules=MODS--disable-modules=MODS--minimized-build--with-boost--with-bzip2--with-lzma--with-zlib--with-commoncrypto--with-sqlite3--with-tpm--with-tpm2--program-suffix=SUFFIX--library-suffix=SUFFIX--prefix=DIR--docdir=DIR--bindir=DIR--libdir=DIR--mandir=DIR--includedir=DIR--list-modules
- Semantic Versioning
- Botan 2.x to 3.x Migration
- Headers
- Build Artifacts
- TLS
- Algorithms Removed
- Certificate API shared_ptr
- All Or Nothing Package Transform
- Exception Changes
- X.509 Certificate Info Access
- OCSP Response Validation
- Use of
enum class - ASN.1 enums
- Cipher Mode Granularity
- “SHA-160” and “SHA1”
- PointGFp
- X509::load_key
- PKCS11_Request::subject_public_key and X509_Certificate::subject_public_key
- choose_sig_format removed
- DLIES Constructors
- Credentials_Manager::private_key_for
- OID operator+
- RSA with “EMSA1” padding
- ECDSA/DSA with “EMSA1” padding
- Signature Algorithm OIDs
- Public Key Signature Padding
- Discrete Logarithm Key Changes
- XMSS Signature Changes
- Random Number Generator
- OpenSSL 1.1 to Botan 3.x Migration
- API Reference
- Footguns
- Versioning
- Memory container
- Random Number Generators
- Hash Functions and Checksums
- Block Ciphers
BlockCipherBlockCipher::createBlockCipher::create_or_throwBlockCipher::set_keyBlockCipher::valid_keylengthBlockCipher::minimum_keylengthBlockCipher::maximum_keylengthBlockCipher::nameBlockCipher::clearBlockCipher::new_objectBlockCipher::block_sizeBlockCipher::parallelismBlockCipher::parallel_bytesBlockCipher::providerBlockCipher::encrypt_nBlockCipher::decrypt_nBlockCipher::encryptBlockCipher::encryptBlockCipher::decryptBlockCipher::decryptBlockCipher::encryptBlockCipher::decrypt
- Code Example
- Available Ciphers
- Stream Ciphers
StreamCipherStreamCipher::nameStreamCipher::clearStreamCipher::new_objectStreamCipher::set_keyStreamCipher::valid_keylengthStreamCipher::minimum_keylengthStreamCipher::maximum_keylengthStreamCipher::valid_iv_lengthStreamCipher::default_iv_lengthStreamCipher::set_ivStreamCipher::seekStreamCipher::cipherStreamCipher::cipher1StreamCipher::encipherStreamCipher::encryptStreamCipher::decrypt
- Code Example
- Available Stream Ciphers
- Message Authentication Codes (MAC)
MessageAuthenticationCodeMessageAuthenticationCode::nameMessageAuthenticationCode::clearMessageAuthenticationCode::new_objectMessageAuthenticationCode::set_keyMessageAuthenticationCode::valid_keylengthMessageAuthenticationCode::minimum_keylengthMessageAuthenticationCode::maximum_keylengthMessageAuthenticationCode::startMessageAuthenticationCode::updateMessageAuthenticationCode::updateMessageAuthenticationCode::updateMessageAuthenticationCode::finalMessageAuthenticationCode::finalMessageAuthenticationCode::verify_mac
- Code Examples
- Available MACs
- Cipher Modes
Cipher_ModeCipher_Mode::set_keyCipher_Mode::valid_keylengthCipher_Mode::minimum_keylengthCipher_Mode::maximum_keylengthCipher_Mode::default_nonce_lengthCipher_Mode::valid_nonce_lengthCipher_Mode::authenticatedCipher_Mode::tag_sizeCipher_Mode::clearCipher_Mode::resetCipher_Mode::start_msgCipher_Mode::startCipher_Mode::startCipher_Mode::update_granularityCipher_Mode::ideal_granularityCipher_Mode::processCipher_Mode::updateCipher_Mode::minimum_final_sizeCipher_Mode::finish
- Code Example
- Available Unauthenticated Cipher Modes
- AEAD Mode
- Available AEAD Modes
- Public Key Cryptography
- Key Objects
- Public Key Algorithms
- Creating New Private Keys
- Serializing Private Keys Using PKCS #8
- Serializing Public Keys
- DL_Group
- Key Checking
- Public Key Encryption/Decryption
- Public Key Signature Schemes
- Key Agreement
- Key Encapsulation
- HyMES McEliece cryptosystem
- Classic McEliece KEM
- eXtended Merkle Signature Scheme (XMSS)
- Hierarchical Signature System with Leighton-Micali Hash-Based Signatures (HSS-LMS)
- X.509 Certificates and CRLs
X509_CertificateX509_Certificate::X509_CertificateX509_Certificate::X509_CertificateX509_Certificate::X509_CertificateX509_Certificate::subject_dnX509_Certificate::issuer_dnX509_Certificate::subject_alt_nameX509_Certificate::issuer_alt_nameX509_Certificate::load_subject_public_keyX509_Certificate::subject_public_key_bitsX509_Certificate::subject_public_key_algoX509_Certificate::serial_numberX509_Certificate::raw_subject_dnX509_Certificate::raw_issuer_dnX509_Certificate::not_beforeX509_Certificate::not_afterX509_Certificate::v3_extensionsX509_Certificate::authority_key_idX509_Certificate::subject_key_idX509_Certificate::allowed_extended_usageX509_Certificate::extended_key_usageX509_Certificate::fingerprintX509_Certificate::constraintsX509_Certificate::matches_dns_nameX509_Certificate::to_stringX509_Certificate::PEM_encodeX509_Certificate::BER_encode
- X.509 Distinguished Names
- X.509v3 Extensions
- Certificate Revocation Lists
- In Memory Certificate Store
Certificate_Store_In_MemoryCertificate_Store_In_Memory::Certificate_Store_In_MemoryCertificate_Store_In_Memory::Certificate_Store_In_MemoryCertificate_Store_In_Memory::Certificate_Store_In_MemoryCertificate_Store_In_Memory::Certificate_Store_In_MemoryCertificate_Store_In_Memory::add_certificateCertificate_Store_In_Memory::add_crl
- System Certificate Stores
- Flatfile Certificate Stores
- SQL-backed Certificate Stores
Certificate_Store_In_SQLCertificate_Store_In_SQL::Certificate_Store_In_SQLCertificate_Store_In_SQL::insert_certCertificate_Store_In_SQL::remove_certCertificate_Store_In_SQL::find_keyCertificate_Store_In_SQL::find_certs_for_keyCertificate_Store_In_SQL::insert_keyCertificate_Store_In_SQL::remove_keyCertificate_Store_In_SQL::revoke_certCertificate_Store_In_SQL::affirm_certCertificate_Store_In_SQL::generate_crls
Certificate_Store_In_SQLite- Path Validation
- Code Example
- Creating New Certificates
- Generating CRLs
- Self-Signed Certificates
- Creating PKCS #10 Requests
- Certificate Options
- Transport Layer Security (TLS)
tls_emit_datatls_record_receivedtls_alerttls_session_establishedtls_verify_cert_chaintls_verify_cert_chain_ocsp_timeouttls_server_choose_app_protocoltls_session_activatedtls_provide_cert_statustls_provide_cert_chain_statustls_peer_network_identitytls_inspect_handshake_msgtls_modify_extensionstls_examine_extensionstls_log_errortls_log_debugtls_log_debug_bin- TLS Channels
ChannelChannel::received_dataChannel::received_dataChannel::sendChannel::sendChannel::sendChannel::closeChannel::send_alertChannel::is_activeChannel::is_closedChannel::is_closed_for_readingChannel::is_closed_for_writingChannel::timeout_checkChannel::renegotiateChannel::update_traffic_keysChannel::peer_cert_chainChannel::external_psk_identityChannel::key_material_export
- TLS Clients
- TLS Servers
- TLS Sessions
- TLS Session Managers
- TLS Policies
PolicyPolicy::allowed_ciphersPolicy::allowed_macsPolicy::allowed_key_exchange_methodsPolicy::allowed_signature_hashesPolicy::allowed_signature_methodsPolicy::key_exchange_groupsPolicy::key_exchange_groups_to_offerPolicy::use_ecc_point_compressionPolicy::acceptable_protocol_versionPolicy::server_uses_own_ciphersuite_preferencesPolicy::allow_client_initiated_renegotiationPolicy::allow_server_initiated_renegotiationPolicy::abort_connection_on_undesired_renegotiationPolicy::allow_insecure_renegotiationPolicy::minimum_signature_strengthPolicy::require_cert_revocation_infoPolicy::default_dh_groupPolicy::minimum_dh_group_sizePolicy::allow_tls12Policy::allow_tls13Policy::minimum_rsa_bitsPolicy::minimum_dsa_group_sizePolicy::minimum_ecdsa_group_sizePolicy::minimum_ecdh_group_sizePolicy::check_peer_key_acceptablePolicy::hide_unknown_usersPolicy::session_ticket_lifetimePolicy::new_session_tickets_upon_handshake_successPolicy::record_size_limitPolicy::tls_13_middlebox_compatibility_mode
- TLS Ciphersuites
- TLS Alerts
- TLS Protocol Version
- Post-quantum-secure key exchange
- TLS Custom Key Exchange Mechanisms
- TLS Stream
- TLS Session Encryption
- Credentials Manager
- BigInt
BigIntBigInt::from_stringBigInt::from_bytesBigInt::serialize_toBigInt::bytesBigInt::bitsBigInt::to_dec_stringBigInt::to_hex_stringBigInt::zeroBigInt::from_u64BigInt::operator+BigInt::operator+BigInt::operator+BigInt::operator-BigInt::operator-BigInt::operator*BigInt::operator/BigInt::operator%BigInt::operator%BigInt::operator<<BigInt::operator>>BigInt::operator+=BigInt::operator+=BigInt::operator-=BigInt::operator-=BigInt::operator*=BigInt::operator*=BigInt::operator/=BigInt::operator%=BigInt::operator%=BigInt::operator<<=BigInt::operator>>=BigInt::operator++BigInt::operator--BigInt::operator++BigInt::operator--BigInt::operator-BigInt::operator!BigInt::clearBigInt::to_u32bitBigInt::is_evenBigInt::is_oddBigInt::is_nonzeroBigInt::is_zeroBigInt::is_negativeBigInt::is_positiveBigInt::abs
- Key Derivation Functions (KDF)
- Password Based Key Derivation
- PasswordHash
PasswordHashPasswordHash::hashPasswordHash::hashPasswordHash::derive_keyPasswordHash::derive_keyPasswordHash::to_stringPasswordHash::iterationsPasswordHash::memory_paramPasswordHash::parallelismPasswordHash::total_memory_usagePasswordHash::supports_keyed_operationPasswordHash::supports_associated_data
PasswordHashFamily
- Code Examples
- Available Schemes
- PBKDF
- PasswordHash
- AES Key Wrapping
- Password Hashing
- Cryptobox
- Secure Remote Password
- PSK Database
- Pipe/Filter Message Processing
- Format Preserving Encryption
- Threshold Secret Sharing
- EC_Group
EC_GroupEC_Group::supports_named_groupEC_Group::supports_application_specific_groupEC_Group::from_OIDEC_Group::from_nameEC_Group::from_PEMEC_Group::EC_GroupEC_Group::EC_GroupEC_Group::EC_GroupEC_Group::DER_encodeEC_Group::DER_encodeEC_Group::PEM_encodeEC_Group::get_pEC_Group::get_aEC_Group::get_bEC_Group::get_g_xEC_Group::get_g_yEC_Group::get_orderEC_Group::get_cofactorEC_Group::get_curve_oidEC_Group::verify_groupEC_Group::known_named_groups
- Elliptic Curve Operations
EC_ScalarEC_Scalar::deserializeEC_Scalar::from_bytes_with_truncEC_Scalar::from_bytes_mod_orderEC_Scalar::randomEC_Scalar::gk_x_mod_orderEC_Scalar::hashEC_Scalar::bytesEC_Scalar::serialize_toEC_Scalar::is_zeroEC_Scalar::is_nonzeroEC_Scalar::invertEC_Scalar::invert_vartimeEC_Scalar::negateEC_Scalar::operator+EC_Scalar::operator-EC_Scalar::operator*EC_Scalar::operator==
EC_AffinePointEC_AffinePoint::generatorEC_AffinePoint::identityEC_AffinePoint::EC_AffinePointEC_AffinePoint::deserializeEC_AffinePoint::is_identityEC_AffinePoint::mulEC_AffinePoint::g_mulEC_AffinePoint::mul_px_qyEC_AffinePoint::addEC_AffinePoint::negateEC_AffinePoint::hash_to_curve_roEC_AffinePoint::hash_to_curve_nuEC_AffinePoint::field_element_bytesEC_AffinePoint::serialize_x_toEC_AffinePoint::serialize_y_toEC_AffinePoint::serialize_xy_toEC_AffinePoint::serialize_compressed_toEC_AffinePoint::serialize_uncompressed_to
Mul2Table
- Lossless Data Compression
- External Providers
- PKCS#11
- Low Level API
- High Level API
- Module
- Slot
- Session
- Objects
AttributeContaineradd_classadd_stringadd_binaryadd_binaryadd_booladd_numericObjectPropertiesObjectPropertiesStorageObjectPropertiesStorageObjectPropertiesset_labelObjectObjectObjectget_attribute_valueset_attribute_valuedestroycopysearchsearchsearchsearchsearchObjectFinderObjectFinderfindfinish
- RSA
- ECDSA
- ECDH
- RNG
- Token Management Functions
- X.509
- Tests
- Tested/Supported Smartcards
- Trusted Platform Module (TPM)
- One Time Passwords
- Roughtime
- libsodium Compatible Interfaces
- ZFEC Forward Error Correction
- FFI (C Binding)
- Rules of Engagement
- Return Codes
BOTAN_FFI_SUCCESSBOTAN_FFI_INVALID_VERIFIERBOTAN_FFI_ERROR_INVALID_INPUTBOTAN_FFI_ERROR_BAD_MACBOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACEBOTAN_FFI_ERROR_STRING_CONVERSION_ERRORBOTAN_FFI_ERROR_EXCEPTION_THROWNBOTAN_FFI_ERROR_OUT_OF_MEMORYBOTAN_FFI_ERROR_SYSTEM_ERRORBOTAN_FFI_ERROR_INTERNAL_ERRORBOTAN_FFI_ERROR_BAD_FLAGBOTAN_FFI_ERROR_NULL_POINTERBOTAN_FFI_ERROR_BAD_PARAMETERBOTAN_FFI_ERROR_KEY_NOT_SETBOTAN_FFI_ERROR_INVALID_KEY_LENGTHBOTAN_FFI_ERROR_INVALID_OBJECT_STATEBOTAN_FFI_ERROR_NOT_IMPLEMENTEDBOTAN_FFI_ERROR_INVALID_OBJECTBOTAN_FFI_TPM_ERRORBOTAN_FFI_ERROR_UNKNOWN_ERRORbotan_error_last_exception_message
- Versioning
- View Functions
- Utility Functions
- Random Number Generators
- Block Ciphers
- Hash Functions
- Message Authentication Codes
- Symmetric Ciphers
botan_cipher_tbotan_cipher_initbotan_cipher_destroybotan_cipher_clearbotan_cipher_set_keybotan_cipher_is_authenticatedbotan_cipher_requires_entire_messagebotan_cipher_get_tag_lengthbotan_cipher_valid_nonce_lengthbotan_cipher_get_default_nonce_lengthbotan_cipher_get_update_granularitybotan_cipher_get_ideal_update_granularitybotan_cipher_set_associated_databotan_cipher_startbotan_cipher_update
- PBKDF
- KDF
- Multiple Precision Integers
botan_mp_tbotan_mp_initbotan_mp_destroybotan_mp_to_hexbotan_mp_view_hexbotan_mp_to_strbotan_mp_view_strbotan_mp_set_from_intbotan_mp_set_from_mpbotan_mp_set_from_strbotan_mp_num_bitsbotan_mp_num_bytesbotan_mp_to_binbotan_mp_view_binbotan_mp_from_binbotan_mp_is_negativebotan_mp_flip_signbotan_mp_addbotan_mp_subbotan_mp_mulbotan_mp_divbotan_mp_mod_mulbotan_mp_equalbotan_mp_is_zerobotan_mp_is_oddbotan_mp_is_evenbotan_mp_is_positivebotan_mp_is_negativebotan_mp_to_uint32botan_mp_cmpbotan_mp_swapbotan_mp_powmodbotan_mp_lshiftbotan_mp_rshiftbotan_mp_mod_inversebotan_mp_rand_bitsbotan_mp_rand_rangebotan_mp_gcdbotan_mp_is_primebotan_mp_get_bitbotan_mp_set_bitbotan_mp_clear_bit
- Password Hashing
- Object Identifiers
- EC Groups
botan_ec_group_tbotan_ec_group_destroybotan_ec_group_supports_application_specific_groupbotan_ec_group_supports_named_groupbotan_ec_group_from_paramsbotan_ec_group_from_berbotan_ec_group_from_pembotan_ec_group_from_oidbotan_ec_group_from_namebotan_ec_group_view_derbotan_ec_group_view_pembotan_ec_group_get_curve_oidbotan_ec_group_get_pbotan_ec_group_get_abotan_ec_group_get_bbotan_ec_group_get_g_xbotan_ec_group_get_g_ybotan_ec_group_get_orderbotan_ec_group_equal
- Public Key Creation, Import and Export
botan_privkey_tbotan_privkey_destroybotan_privkey_createbotan_ec_privkey_createbotan_privkey_create_rsabotan_privkey_create_ecdsabotan_privkey_create_ecdhbotan_privkey_create_mceliecebotan_privkey_create_dhbotan_privkey_loadbotan_privkey_exportbotan_privkey_view_encrypted_derbotan_privkey_view_encrypted_der_timedbotan_privkey_view_encrypted_pembotan_privkey_view_encrypted_pem_timedbotan_privkey_view_derbotan_privkey_view_pembotan_privkey_view_rawbotan_privkey_export_encryptedbotan_privkey_export_encrypted_pbkdf_msecbotan_privkey_export_encrypted_pbkdf_iterbotan_privkey_export_pubkeybotan_privkey_get_fieldbotan_privkey_oidbotan_privkey_stateful_operationbotan_privkey_remaining_operationsbotan_pubkey_tbotan_pubkey_loadbotan_pubkey_exportbotan_pubkey_view_derbotan_pubkey_view_pembotan_pubkey_view_rawbotan_pubkey_algo_namebotan_pubkey_estimated_strengthbotan_pubkey_fingerprintbotan_pubkey_destroybotan_pubkey_get_fieldbotan_pubkey_oid
- RSA specific functions
- DSA specific functions
- ElGamal specific functions
- Diffie-Hellman specific functions
- Public Key Encryption/Decryption
- Signature Generation
- Signature Verification
- Key Agreement
- Public Key Encapsulation
botan_pk_op_kem_encrypt_tbotan_pk_op_kem_encrypt_createbotan_pk_op_kem_encrypt_destroybotan_pk_op_kem_encrypt_shared_key_lengthbotan_pk_op_kem_encrypt_encapsulated_key_lengthbotan_pk_op_kem_encrypt_create_shared_keybotan_pk_op_kem_decrypt_tbotan_pk_op_kem_decrypt_createbotan_pk_op_kem_decrypt_shared_key_lengthbotan_pk_op_kem_decrypt_shared_keybotan_pk_op_kem_decrypt_destroy
- TPM 2.0 Functions
botan_tpm2_ctx_tbotan_tpm2_session_tbotan_tpm2_crypto_backend_state_tbotan_tpm2_supports_crypto_backendbotan_tpm2_ctx_initbotan_tpm2_ctx_init_exbotan_tpm2_ctx_from_esysbotan_tpm2_ctx_enable_crypto_backendbotan_tpm2_enable_crypto_backendbotan_tpm2_unauthenticated_session_initbotan_tpm2_rng_initbotan_tpm2_ctx_destroybotan_tpm2_session_destroybotan_tpm2_crypto_backend_state_destroy
- X.509 Certificates
botan_x509_cert_tbotan_x509_cert_loadbotan_x509_cert_load_filebotan_x509_cert_dupbotan_x509_cert_destroybotan_x509_cert_gen_selfsignedbotan_x509_cert_get_time_startsbotan_x509_cert_get_time_expiresbotan_x509_cert_not_beforebotan_x509_cert_not_afterbotan_x509_cert_get_fingerprintbotan_x509_cert_get_serial_numberbotan_x509_cert_get_authority_key_idbotan_x509_cert_get_subject_key_idbotan_x509_cert_get_public_key_bitsbotan_x509_cert_view_public_key_bitsbotan_x509_cert_get_public_keybotan_x509_cert_get_issuer_dnbotan_x509_cert_get_subject_dnbotan_x509_cert_to_stringbotan_x509_cert_view_as_stringbotan_x509_cert_key_constraintsbotan_x509_cert_allowed_usagebotan_x509_cert_verifybotan_x509_cert_verify_with_crlbotan_x509_cert_validation_status
- X.509 Certificate Revocation Lists
- ZFEC (Forward Error Correction)
- Environment Variables
- Python Binding
- Versioning
- Random Number Generators
- Hash Functions
- Message Authentication Codes
- Ciphers
SymmetricCipherSymmetricCipher.algo_nameSymmetricCipher.tag_lengthSymmetricCipher.default_nonce_lengthSymmetricCipher.update_granularitySymmetricCipher.is_authenticatedSymmetricCipher.valid_nonce_lengthSymmetricCipher.clearSymmetricCipher.set_keySymmetricCipher.set_assoc_dataSymmetricCipher.startSymmetricCipher.updateSymmetricCipher.finish
- Bcrypt
- PBKDF
- Scrypt
- KDF
- Public Key
PublicKeyPublicKey.loadPublicKey.load_rsaPublicKey.load_dsaPublicKey.load_dhPublicKey.load_elgamalPublicKey.load_ecdsaPublicKey.load_ecdhPublicKey.load_sm2PublicKey.load_ml_kemPublicKey.load_ml_dsaPublicKey.load_slh_dsaPublicKey.exportPublicKey.to_derPublicKey.to_pemPublicKey.to_rawPublicKey.get_fieldPublicKey.object_identifierPublicKey.fingerprintPublicKey.algo_namePublicKey.estimated_strength
- Private Key
PrivateKeyPrivateKey.createPrivateKey.create_ecPrivateKey.loadPrivateKey.load_rsaPrivateKey.load_dsaPrivateKey.load_dhPrivateKey.load_elgamalPrivateKey.load_ecdsaPrivateKey.load_ecdhPrivateKey.load_sm2PrivateKey.load_ml_kemPrivateKey.load_ml_dsaPrivateKey.load_slh_dsaPrivateKey.get_public_keyPrivateKey.to_pemPrivateKey.to_derPrivateKey.to_rawPrivateKey.algo_namePrivateKey.exportPrivateKey.export_encryptedPrivateKey.get_fieldPrivateKey.object_identifierPrivateKey.stateful_operationPrivateKey.remaining_operations
- Public Key Operations
- TPM 2.0 Bindings
- Multiple Precision Integers (MPI)
- Object Identifiers (OID)
- EC Groups
ECGroupECGroup.supports_application_specific_groupECGroup.supports_named_groupECGroup.from_paramsECGroup.from_berECGroup.from_pemECGroup.from_oidECGroup.from_nameECGroup.to_derECGroup.to_pemECGroup.get_curve_oidECGroup.get_pECGroup.get_aECGroup.get_bECGroup.get_g_xECGroup.get_g_yECGroup.get_order
- Format Preserving Encryption (FE1 scheme)
- HOTP
- X509Cert
X509CertX509Cert.time_startsX509Cert.time_expiresX509Cert.to_stringX509Cert.fingerprintX509Cert.serial_numberX509Cert.authority_key_idX509Cert.subject_key_idX509Cert.subject_public_key_bitsX509Cert.subject_public_keyX509Cert.subject_dnX509Cert.issuer_dnX509Cert.hostname_matchX509Cert.not_beforeX509Cert.not_afterX509Cert.allowed_usageX509Cert.verifyX509Cert.validation_statusX509Cert.is_revoked
- X509CRL
- Command Line Interface
- Hardware Acceleration
- Deprecated Features
- Development Roadmap
- Credits
- ABI Stability
- Notes for Distributors
- Security Advisories
- Threat Model
- Side Channels
- Modular Exponentiation
- Barrett Reduction
- RSA
- Decryption of PKCS #1 v1.5 Ciphertexts
- Verification of PKCS #1 v1.5 Signatures
- OAEP
- ECC point decoding
- ECC scalar multiplication
- ECDH
- ECDSA
- x25519
- TLS CBC ciphersuites
- CBC mode padding
- base64 decoding
- AES
- GCM
- OCB
- Poly1305
- DES/3DES
- Twofish
- ChaCha20, Serpent, Threefish, …
- IDEA
- Hash Functions
- Memory comparisons
- Memory zeroizing
- Stack Scrubbing
- Memory allocation
- Side Channel Analysis Tools
- References
- Developer Reference
- Notes for New Contributors
- Understanding configure.py
- Test Framework
- Namespaces in Test
- Test Data
- Test
- Test::Result
ResultResult::ResultResult::test_successResult::test_successResult::test_failureResult::test_failureResult::test_failureResult::test_eqResult::test_neResult::test_eqResult::test_neResult::test_eqResult::test_neResult::confirmResult::test_not_nullResult::test_ltResult::test_lteResult::test_gtResult::test_gteResult::test_throwsResult::test_throws
- Text_Based_Test
- Test Runner
- Continuous Integration and Automated Testing
- Fuzzing The Library
- Release Process and Checklist
- Todo List
- OS Features
- Private OID Assignments
- Custom Elliptic Curve
- Checklist For Next Major Version
- Reading List
- Mistakes Were Made