aboutsummaryrefslogtreecommitdiffstats
path: root/src/cert
Commit message (Collapse)AuthorAgeFilesLines
* Make the random serial numbers 256 bits to ensure they will neverlloyd2010-11-291-1/+1
| | | | | | collide. One might, theoretically, generate 2^64 certificates with a single CA (say, for each particle in a planet wide cloud of smart dust), but 2^128 does not seem possible.
* Add X509_Certificate::to_stringlloyd2010-11-292-2/+110
| | | | The x509info example now just calls that
* Overflow warning in MSVClloyd2010-11-291-1/+2
|
* Add a BOTAN_DEPRECATED macro which can provide compile-timelloyd2010-11-021-0/+1
| | | | deprecation warnings (at least for GCC and VC++). Use in some places.
* Doxygen updates.lloyd2010-11-021-0/+3
| | | | | Remove version of search_map that returns two distinguishing results; only used in one place, and that can be replaced by a call to count()
* s/u32bit/size_t/lloyd2010-10-291-2/+2
|
* s/u32bit/size_t/lloyd2010-10-184-38/+38
|
* Split some of the ASN.1 types into their own headerslloyd2010-10-132-0/+2
|
* Use output_length() instead of OUTPUT_LENGTH pseudo-propertylloyd2010-10-131-1/+1
|
* Fix CRL reason codes and updating of CRLs. Add tests for both cases.lloyd2010-10-074-42/+7
|
* Forward port CRL fixes from rev 7bb2001cd554a1acc3d345914ea710ff0e1d3a6blloyd2010-10-071-7/+12
|
* Add dependencieslloyd2010-09-247-0/+31
|
* Add info.txt filelloyd2010-09-211-0/+1
|
* Remove searching with an arbitrary predicate from X509_Storelloyd2010-09-204-197/+0
|
* Move certificate store to its own dirlloyd2010-09-203-0/+1
|
* Add missing info fileslloyd2010-09-205-0/+6
|
* Add CRL storage possibilitieslloyd2010-09-203-17/+93
|
* Hide X509_Store::check_siglloyd2010-09-201-2/+2
|
* Add a (clunky) function X509_Object::hash_used_for_signature thatlloyd2010-09-202-0/+26
| | | | | | | returns the hash function that was used to create the signature. Useful for a future X509 path validator that inform the user which hash(es) they are relying on and/or allowing the ability to reject hashes which are undesirable (MD2, MD5, etc)
* Don't use SecureVector to store certificate data; mlock'ed memory inlloyd2010-09-173-8/+8
| | | | | particular is precious. Really these could probably just as easily be std::vectors since even zeroizing the memory isn't relevant here.
* Define a simpler Certificate_Store interface which should be muchlloyd2010-09-173-45/+56
| | | | | easier to implement without requiring in-memory linear searching (eg a flatfile store or SQL database with indexes).
* Hide X509_Object constructorlloyd2010-09-171-11/+11
|
* Remove dependencies on X509_Storelloyd2010-09-174-12/+23
|
* Split up src/cert/x509 into a set of modules, though mostly mutuallylloyd2010-09-1726-47/+0
| | | | dependent right now.
* Update all uses of MemoryRegion::append to use either push_back or operator+=lloyd2010-09-156-22/+20
|
* Remove more uses of vector to pointer implicit conversionslloyd2010-09-131-1/+1
|
* Anywhere where we use MemoryRegion::begin to get access to the raw pointerlloyd2010-09-131-7/+5
| | | | | representation (rather than in an interator context), instead use &buf[0], which works for both MemoryRegion and std::vector
* Make round_up and round_down templates instead of fixed to use u32bitslloyd2010-06-291-1/+1
|
* Define X509_Object::encode in terms of BER_encode and PEM_encodelloyd2010-06-211-22/+12
|
* Doxygenlloyd2010-06-211-2/+34
|
* Replace "@return a blah" and "@return the blah" with just "@return blah"lloyd2010-06-169-48/+48
|
* More Doxygen updates/fixeslloyd2010-06-156-35/+59
|
* Fix a few hundred Doxygen warningslloyd2010-06-158-8/+23
|
* Use X509::BER_encode. Saves 12 lines. Nicelloyd2010-06-151-18/+6
|
* Remove some C-style castslloyd2010-04-231-2/+2
|
* Initialize m_pk to null in constructorlloyd2010-03-171-0/+2
|
* Remove config options to toggle if X.509 extensions are critical orlloyd2010-03-104-48/+47
| | | | | | | | not. Instead provide via Extensions::add(). No way to modify behavior currently, it just follows the previous default police. Remove the config options from Library_State entirely. Die, mutable singletons, die.
* Make cert decoding errors more verboselloyd2010-03-101-2/+2
|
* Modify pubkey classes to take names instead of object pointers.lloyd2010-03-086-29/+23
| | | | | Remove use of look_pk from the source and examples, instead instantiate classes directly.
* Remove the now no-op classes PK_Encrypting_Key,lloyd2010-03-085-47/+7
| | | | | PK_Decrypting_Key, PK_Signing_Key, PK_Verifying_with_MR_Key, and PK_Verifying_wo_MR_Key.
* Changes to CVC to deal with the fact that you can't create an uninitializedlloyd2010-03-043-8/+10
| | | | ECDSA_PublicKey object anymore.
* The code in pk_codecs was actually entirely tied to the code inlloyd2010-03-042-2/+0
| | | | | | pubkey; you literally could not compile any pubkey code without it. Move it up to the pubkey dir, it wasn't at all useful to have it in its own dir.
* Add a new function to Public_Key, algorithm_identifier(), which justlloyd2010-03-041-7/+1
| | | | | returns the AlgorithmIdentifier representing this scheme (OID + domain params if any).
* Remove BOTAN_DLL from templates, VC++ doesn't like itlloyd2010-03-032-2/+2
|
* Reorganize where some CVC code goes to avoid template bloat + VC problemslloyd2010-03-037-95/+66
|
* CVC assumed sigs were DER encoded by default. Not truelloyd2010-03-024-25/+7
|
* Remove ECDSA_Signature encoding/decoding cruftlloyd2010-03-023-83/+39
|
* Cleanups, remove dead codelloyd2010-03-028-96/+27
|
* Port in the code for forming the EAC encoding of an ECDSA key, so nowlloyd2010-03-021-19/+47
| | | | generating new CVC certs might actually work.
* Lots of internal CVC cleanupslloyd2010-03-0213-192/+121
|