aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/x509
Commit message (Collapse)AuthorAgeFilesLines
* Expose a function returning a status code for verifing X509 objectsJack Lloyd2017-12-196-59/+99
| | | | | | | | | The versions returning bool just tell us if it could be verified but don't indicate the problem, everything got binned into "signature error" during verification. Now in the event that the params were invalid, or the signature algorithm couldn't be found, report that as a specific error. See GH #1362
* Avoid tying encoding of CRLs to the current system clockJack Lloyd2017-12-182-19/+66
|
* Expose timeouts on the freestanding OCSP request utilsJack Lloyd2017-12-172-6/+24
|
* Use HTTP level timeouts instead of polling on the std::futureJack Lloyd2017-12-172-25/+8
|
* Add ability to fingerprint public keysJack Lloyd2017-12-142-19/+4
|
* Need binary IO for WindowsJack Lloyd2017-12-044-14/+4
|
* Support uninitialized certificate objectsJack Lloyd2017-12-0410-136/+140
| | | | | | | Issued raised by @securitykernel on Slack, there was no non-hacky way to decode a list of certificate objects because creating an uninitialized one wasn't allowed. However after #884 that got much closer to being viable, this is the last pieces.
* CRL_Data is a struct not a classJack Lloyd2017-11-291-1/+2
|
* Allow parsing and printing certificates with unknown public key algosJack Lloyd2017-11-182-6/+31
|
* Fix encoding of subject key identifierJack Lloyd2017-11-165-23/+27
| | | | | | Changed in #884 - we were copying the entire public key as the public key id. Instead hash it with whatever hash we are using to sign the certificate.
* Fix a memory leak in the case where certificate extension decoding fails.Jack Lloyd2017-11-162-30/+33
| | | | | | Introduced in #884 Found by OSS-Fuzz (bug 4249)
* Remove debug abort [ci skip]Jack Lloyd2017-11-141-1/+0
|
* Consolidate function for testing for ASN.1 string typesJack Lloyd2017-11-141-19/+3
|
* Check for keyCertSign on non-CA certificates during validationJack Lloyd2017-11-141-0/+14
| | | | GH #1089
* Fix PKCS10 subject alt name usageJack Lloyd2017-11-144-7/+26
| | | | GH #1010
* Add a test for GH #1252Jack Lloyd2017-11-141-1/+7
|
* Use new APIs in path validation and name constraint handlingJack Lloyd2017-11-142-6/+14
|
* Store CRL_Entry data in shared_ptrJack Lloyd2017-11-142-41/+81
|
* Store X509_CRL data in shared_ptrJack Lloyd2017-11-142-69/+102
|
* Store PKCS10 request data in structureJack Lloyd2017-11-142-65/+85
|
* Refactor certificate extension handlingJack Lloyd2017-11-142-274/+441
|
* Store all data of an X509 certificate in a shared_ptr data struct.Jack Lloyd2017-11-144-364/+567
|
* Use new Decoding_Error constructorJack Lloyd2017-11-141-4/+2
|
* Require SHA-2 for X.509 moduleJack Lloyd2017-11-141-0/+1
| | | | The certstore interface assumes it and it's probably not unreasonable...
* In X509_CA save the hash function usedJack Lloyd2017-11-142-2/+11
|
* Move X509_DN and AlternativeName from asn1 to x509Jack Lloyd2017-11-145-0/+766
|
* Compile fixJack Lloyd2017-11-141-2/+2
|
* Correct issuer field of created CRLsJack Lloyd2017-11-142-6/+6
| | | | Fixes GH #1242
* Remove use of transcodeJack Lloyd2017-11-092-7/+3
|
* Convert http:// links to https:// where possibleJack Lloyd2017-10-241-1/+1
|
* review changesDaniel Neus2017-10-212-8/+7
|
* X.509 RSA-PSS verificationDaniel Neus2017-10-203-8/+137
|
* Address various GCC warningsJack Lloyd2017-10-061-2/+2
| | | | | Things like -Wconversion and -Wuseless-cast that are noisy and not on by default.
* Remove various unused variablesJack Lloyd2017-10-021-1/+0
| | | | Sonar finds
* Use class for exception typesJack Lloyd2017-10-021-3/+4
|
* Remove protected data members from X509_ObjectJack Lloyd2017-10-025-41/+27
| | | | Just need const accessors, no reason for any subclass to modify values.
* Remove redundant "virtual override" declarations.Jack Lloyd2017-10-021-3/+3
|
* Guard against self-assignmentJack Lloyd2017-09-301-0/+3
| | | | Found with Sonar
* Further header cleanupsJack Lloyd2017-09-287-2/+10
|
* Header cleanupsJack Lloyd2017-09-282-2/+2
|
* Avoid GCC signed-overflow warningJack Lloyd2017-09-221-2/+2
|
* Avoid explicit deleteJack Lloyd2017-09-222-5/+5
|
* Apply final annotations to the library alsoJack Lloyd2017-09-2210-17/+17
| | | | | Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* Add missing mutex.h includeJack Lloyd2017-09-211-0/+1
|
* More include header cleanupsJack Lloyd2017-09-2115-28/+15
|
* Header file cleanupsJack Lloyd2017-09-214-3/+3
| | | | Some help from include-what-you-use
* Clean up header includesJack Lloyd2017-09-212-2/+2
| | | | | | | Avoid including build.h or assert.h directly, instead always take them though types.h Avoid math.h in favor of cmath
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-2018-36/+36
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* Complete the final annotation changesJack Lloyd2017-09-192-8/+10
|
* Add API stability annotations.Jack Lloyd2017-09-1918-65/+65
| | | | | Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 00:36:56 +0000