| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
Avoid throwing base Botan::Exception type, as it is difficult to
determine what the error is in that case.
Add Exception::error_code and Exception::error_type which allows
(for error code) more information about the error and (for error type)
allows knowing the error type without requiring a sequence of catches.
See GH #1742
|
|
|
|
|
|
|
|
|
|
|
| |
Let DER_Encoder write to a user specified vector instead of only to an
internal vector. This allows encoding to a std::vector without having
to first write to a locked vector and then copying out the result.
Add ASN1_Object::BER_encode convenience method. Replaces
X509_Object::BER_encode which had the same logic but was restricted to
a subtype. This replaces many cases where DER_Encoder was just used
to encode a single object (X509_DN, AlgorithmIdentifier, etc).
|
| |
|
|
|
|
|
| |
Now there are usable accessors that allow the library to avoid
using BER_Object members directly.
|
| |
|
| |
|
| |
|
|
|
|
| |
Some help from include-what-you-use
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A OCSP request doesn't need the full subject certificate.
This extends the API to require instead of the subject certificate:
* OCSP::Request: subject serial.
* OCSP::online_check: subject serial AND ocsp responder url.
API breaking change:
* removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold
the certificate, but only the serial.
Signed-off-by: Nuno Goncalves <[email protected]>
|
|
|
|
|
|
| |
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
|
| |
|
|
|
|
|
|
| |
Nothing much but better than nothing.
Also add a useful arg check to OCSP::Request constructor.
|
| |
|
|
|
|
|
|
|
|
|
| |
Splits path building, path validation, CRL checks, and OCSP checks
into distinct functions in namespace PKIX. The previous path validation
APIs remain.
Fixes to OCSP to store more information and to handle modern OCSP setups
in at least some situations.
|
|
The `cert` dir was just an artifact of having previously supported
CVC (smartcard cert format), removed a long time ago.
The pem and pbes2 code is directly related to the pubkey code,
in fact the only caller of pbes2 (likely anywhere, not just
in the library) is in pkcs8.cpp
|