aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/x509/x509path.h
Commit message (Collapse)AuthorAgeFilesLines
* Small fixes in API docs [ci skip]René Korthaus2017-03-091-1/+1
|
* Increase Path_Validation_Restrictions default min strength to 110Jack Lloyd2016-12-271-6/+8
| | | | | Effectively disables 1024 bit RSA as well as SHA-1. Edit the tests where required to enable it again.
* Add CertificatePathStatusCodes typedefJack Lloyd2016-12-181-13/+19
| | | | Little easier to read perhaps, and helps prevent some astyle confusion.
* Add OCSP stapling support to TLS clientJack Lloyd2016-11-261-5/+13
|
* Address review comments from @cordneyJack Lloyd2016-11-251-73/+164
| | | | | | | | | | | | Primarily doc updates but also expose some more logic in PKIX namespace, overall_status and merge_revocation_status. This allows calling more or less all of the logic used by the monolitic x509_path_validate in any way needed by an application. Add Certificate_Store_In_Memory::add_crl variant taking shared_ptr Add optional Certificate_Store_In_Memory* pointer to check_crl_online, valid CRLs are saved there.
* Add macro signalling support for online revocation checks.Jack Lloyd2016-11-231-1/+5
|
* Refactor X.509 path validationJack Lloyd2016-11-231-15/+93
| | | | | | | | | Splits path building, path validation, CRL checks, and OCSP checks into distinct functions in namespace PKIX. The previous path validation APIs remain. Fixes to OCSP to store more information and to handle modern OCSP setups in at least some situations.
* Move cert/x509 to top level and pem and pbes2 to pubkey.Jack Lloyd2016-11-031-0/+239
The `cert` dir was just an artifact of having previously supported CVC (smartcard cert format), removed a long time ago. The pem and pbes2 code is directly related to the pubkey code, in fact the only caller of pbes2 (likely anywhere, not just in the library) is in pkcs8.cpp
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-12 09:04:24 +0000