| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A OCSP request doesn't need the full subject certificate.
This extends the API to require instead of the subject certificate:
* OCSP::Request: subject serial.
* OCSP::online_check: subject serial AND ocsp responder url.
API breaking change:
* removal of OCSP::Request::subject() as OCSP::Request doesn't need to hold
the certificate, but only the serial.
Signed-off-by: Nuno Goncalves <[email protected]>
|
| |
|
|
|
|
| |
Renames a couple of functions for somewhat better name consistency,
eg make_u32bit becomes make_uint32. The old typedefs remain for now
since probably lots of application code uses them.
|
| | |
|
| |
|
|
|
|
| |
Nothing much but better than nothing.
Also add a useful arg check to OCSP::Request constructor.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Splits path building, path validation, CRL checks, and OCSP checks
into distinct functions in namespace PKIX. The previous path validation
APIs remain.
Fixes to OCSP to store more information and to handle modern OCSP setups
in at least some situations.
|
|
|
The `cert` dir was just an artifact of having previously supported
CVC (smartcard cert format), removed a long time ago.
The pem and pbes2 code is directly related to the pubkey code,
in fact the only caller of pbes2 (likely anywhere, not just
in the library) is in pkcs8.cpp
|
