aboutsummaryrefslogtreecommitdiffstats
path: root/src/cert
Commit message (Collapse)AuthorAgeFilesLines
* Fix various typos, and remove an unused macro in checks/bench.cpplloyd2012-04-231-1/+1
| | | | All reported by Patrick Pelletier.
* Fix the very basic operations for encoding and decoding alloyd2011-05-171-5/+10
| | | | | | | | | certificate policies extension, though it's really not supported at all. Remove test code from secmem.h Fix building the examples
* Add back BigInt::to_u32bitlloyd2011-05-101-1/+1
| | | | | | | Fix BigInt::get_substring when length is equal to 32 - an overflow would cause the mask to be equal to 0 thus producing nothing at all. Disable CVC by default, it's not ready for prime time in any sense.
* ECC private keys had two different constructors, one taking a grouplloyd2011-04-081-1/+1
| | | | | | | | | | | | | | | | and a random number generator, and the other taking a group and a preset private key value. The DL private keys instead have on constructor for this; if the x value is zero, then a new random key is created. For consistency, do this with ECC as well. ECDH actually didn't have one of these constructors, forcing you to either load from PKCS #8 or else use a random key. Rename EC_Domain_Params to EC_Group, with a typedef for compatability. More doc updates. Update mtn ignores for Sphinx output
* In X509_Certificate::to_string, don't print key ids if emptylloyd2011-04-062-3/+7
| | | | | | Reduce size of serial numbers of new certs from 256 to 128 bits; 2**64 certs is _probably_ sufficient, given that it would take hundreds of exabytes of storage to hold that many certificates. :)
* Fix variable mask warning in Sun C++.lloyd2011-03-011-4/+4
| | | | Make comment clearer on how to enable stlport4 in Sun C++
* Use size_t rather than u32bit for loop variableslloyd2011-02-161-12/+12
|
* Some dependency fixeslloyd2011-02-112-1/+3
|
* Remove inclusions of unused headers.lloyd2011-02-102-7/+7
| | | | Avoid using auto_ptr in the CVC headers.
* Pull out variable, causes link problems in amalgamationlloyd2011-02-092-3/+3
|
* Convert the BER/DER coders to use size_t instead of u32bit for smalllloyd2011-02-0911-22/+26
| | | | integer values. Update callers.
* Some cleanups, and add an <ios> include for Sun Studio 12lloyd2011-02-092-40/+47
|
* Fix some VC warnings under 64 bit compileslloyd2010-12-132-6/+6
|
* Make the random serial numbers 256 bits to ensure they will neverlloyd2010-11-291-1/+1
| | | | | | collide. One might, theoretically, generate 2^64 certificates with a single CA (say, for each particle in a planet wide cloud of smart dust), but 2^128 does not seem possible.
* Add X509_Certificate::to_stringlloyd2010-11-292-2/+110
| | | | The x509info example now just calls that
* Overflow warning in MSVClloyd2010-11-291-1/+2
|
* Add a BOTAN_DEPRECATED macro which can provide compile-timelloyd2010-11-021-0/+1
| | | | deprecation warnings (at least for GCC and VC++). Use in some places.
* Doxygen updates.lloyd2010-11-021-0/+3
| | | | | Remove version of search_map that returns two distinguishing results; only used in one place, and that can be replaced by a call to count()
* s/u32bit/size_t/lloyd2010-10-291-2/+2
|
* s/u32bit/size_t/lloyd2010-10-184-38/+38
|
* Split some of the ASN.1 types into their own headerslloyd2010-10-132-0/+2
|
* Use output_length() instead of OUTPUT_LENGTH pseudo-propertylloyd2010-10-131-1/+1
|
* Fix CRL reason codes and updating of CRLs. Add tests for both cases.lloyd2010-10-074-42/+7
|
* Forward port CRL fixes from rev 7bb2001cd554a1acc3d345914ea710ff0e1d3a6blloyd2010-10-071-7/+12
|
* Add dependencieslloyd2010-09-247-0/+31
|
* Add info.txt filelloyd2010-09-211-0/+1
|
* Remove searching with an arbitrary predicate from X509_Storelloyd2010-09-204-197/+0
|
* Move certificate store to its own dirlloyd2010-09-203-0/+1
|
* Add missing info fileslloyd2010-09-205-0/+6
|
* Add CRL storage possibilitieslloyd2010-09-203-17/+93
|
* Hide X509_Store::check_siglloyd2010-09-201-2/+2
|
* Add a (clunky) function X509_Object::hash_used_for_signature thatlloyd2010-09-202-0/+26
| | | | | | | returns the hash function that was used to create the signature. Useful for a future X509 path validator that inform the user which hash(es) they are relying on and/or allowing the ability to reject hashes which are undesirable (MD2, MD5, etc)
* Don't use SecureVector to store certificate data; mlock'ed memory inlloyd2010-09-173-8/+8
| | | | | particular is precious. Really these could probably just as easily be std::vectors since even zeroizing the memory isn't relevant here.
* Define a simpler Certificate_Store interface which should be muchlloyd2010-09-173-45/+56
| | | | | easier to implement without requiring in-memory linear searching (eg a flatfile store or SQL database with indexes).
* Hide X509_Object constructorlloyd2010-09-171-11/+11
|
* Remove dependencies on X509_Storelloyd2010-09-174-12/+23
|
* Split up src/cert/x509 into a set of modules, though mostly mutuallylloyd2010-09-1726-47/+0
| | | | dependent right now.
* Update all uses of MemoryRegion::append to use either push_back or operator+=lloyd2010-09-156-22/+20
|
* Remove more uses of vector to pointer implicit conversionslloyd2010-09-131-1/+1
|
* Anywhere where we use MemoryRegion::begin to get access to the raw pointerlloyd2010-09-131-7/+5
| | | | | representation (rather than in an interator context), instead use &buf[0], which works for both MemoryRegion and std::vector
* Make round_up and round_down templates instead of fixed to use u32bitslloyd2010-06-291-1/+1
|
* Define X509_Object::encode in terms of BER_encode and PEM_encodelloyd2010-06-211-22/+12
|
* Doxygenlloyd2010-06-211-2/+34
|
* Replace "@return a blah" and "@return the blah" with just "@return blah"lloyd2010-06-169-48/+48
|
* More Doxygen updates/fixeslloyd2010-06-156-35/+59
|
* Fix a few hundred Doxygen warningslloyd2010-06-158-8/+23
|
* Use X509::BER_encode. Saves 12 lines. Nicelloyd2010-06-151-18/+6
|
* Remove some C-style castslloyd2010-04-231-2/+2
|
* Initialize m_pk to null in constructorlloyd2010-03-171-0/+2
|
* Remove config options to toggle if X.509 extensions are critical orlloyd2010-03-104-48/+47
| | | | | | | | not. Instead provide via Extensions::add(). No way to modify behavior currently, it just follows the previous default police. Remove the config options from Library_State entirely. Die, mutable singletons, die.