184 Commits (611c9e39dacca965bf9925aaa13f38855b243586)

Author SHA1 Message Date
  Michael Brown 5cbdc41778 [crypto] Fix parsing of OCSP responder ID key hash 10 years ago
  Michael Brown 50e48d5b19 [crypto] Fix debug message 10 years ago
  Michael Brown 8484e97f7c [crypto] Add support for iPAddress subject alternative names 10 years ago
  Michael Brown 93acb5d8d0 [crypto] Allow wildcard matches on commonName as well as subjectAltName 10 years ago
  Michael Brown f10726c8bb [crypto] Add support for subjectAltName and wildcard certificates 10 years ago
  Michael Brown 7c7c957094 [crypto] Allow signed timestamp error margin to be configured at build time 10 years ago
  Michael Brown d90490578d [crypto] Use fingerprint when no common name is available for debug messages 10 years ago
  Michael Brown bc8ca6b8ce [crypto] Generalise X.509 cache to a full certificate store 10 years ago
  Michael Brown 2dd3fffe18 [crypto] Add pubkey_match() to check for matching public/private key pairs 10 years ago
  Michael Brown e1ebc50f81 [crypto] Remove dynamically-allocated storage for certificate OCSP URI 10 years ago
  Michael Brown 01fa7efa38 [crypto] Remove dynamically-allocated storage for certificate name 10 years ago
  Alexander Chernyakhovsky 151e4d9bfa [ocsp] Handle OCSP responses that don't provide certificates 11 years ago
  Michael Brown 7667536527 [uri] Refactor URI parsing and formatting 10 years ago
  Michael Brown 97fd5ccdd8 [deflate] Fix literal data length calculation 11 years ago
  Michael Brown 9bdfc36bcc [deflate] Add support for DEFLATE decompression 11 years ago
  Michael Brown b0942534eb [settings] Force settings into alphabetical order within sections 11 years ago
  Michael Brown 22001cb206 [settings] Explicitly separate the concept of a completed fetched setting 11 years ago
  Michael Brown 72fb55e437 [settings] Change "not-found" semantics of fetch_setting_copy() 11 years ago
  Michael Brown 0036fdd5c5 [crypto] Accept OCSP responses containing multiple certificates 11 years ago
  Michael Brown cb29cd4298 [crypto] Report meaningful error when certificate chain validation fails 11 years ago
  Michael Brown e42bc3aa37 [libc] Use __einfo() tuple as first argument to EUNIQ() 11 years ago
  Michael Brown 09d45ffd79 [crypto] Allow in-place CBC decryption 12 years ago
  Michael Brown c3b4860ce3 [legal] Update FSF mailing address in GPL licence texts 12 years ago
  Michael Brown 024247317d [arp] Try to avoid discarding ARP cache entries 12 years ago
  Michael Brown 4010890a39 [crypto] Allow an error margin on X.509 certificate validity periods 12 years ago
  Michael Brown 4fa1a2b4fe [crypto] Rename KEY= to PRIVKEY= and "key" to "privkey" 12 years ago
  Michael Brown 7fa1f41f7d [crypto] Require OCSP check if certificate provides an OCSP URI 12 years ago
  Michael Brown 944e023def [crypto] Construct OCSP check URI 12 years ago
  Michael Brown 57de8b6272 [crypto] Fix margin of error for OCSP checks 12 years ago
  Michael Brown b278094902 [crypto] Return a NULL OCSP check if construction fails 12 years ago
  Michael Brown c923d57663 [crypto] Return a NULL X.509 certificate if construction fails 12 years ago
  Michael Brown f20c3742e7 [crypto] Accept UTCTime/GeneralizedTime with no "seconds" field 12 years ago
  Michael Brown 39ac285a8a [crypto] Add framework for OCSP 12 years ago
  Michael Brown deac4ea1ba [crypto] Add functions for constructing ASN.1 objects 12 years ago
  Michael Brown e01af7367d [crypto] Parse OCSPSigning key purpose, if present 12 years ago
  Michael Brown 4aad46ac70 [crypto] Generalise x509_parse_bit_string() to asn1_bit_string() 12 years ago
  Michael Brown 7deb610881 [crypto] Generalise asn1_{digest,pubkey,signature}_algorithm() 12 years ago
  Michael Brown 88c09b36cf [crypto] Generalise x509_parse_time() to asn1_generalized_time() 12 years ago
  Michael Brown e5858c1938 [crypto] Parse X.509 raw public key bit string 12 years ago
  Michael Brown 0e4ee60a75 [crypto] Reduce standard debugging output 12 years ago
  Michael Brown 1a5f025ad8 [crypto] Add x509_auto_append() 12 years ago
  Michael Brown 99c798d87a [crypto] Add x509_append_raw() 12 years ago
  Michael Brown 6c8fcd4bb3 [crypto] Check that common name contains no NUL characters 12 years ago
  Michael Brown 0ad8b601dd [crypto] Allow for X.509 certificates with no common name 12 years ago
  Michael Brown 557f467bab [crypto] Allow certificate chains to be long-lived data structures 12 years ago
  Michael Brown 793b8b0893 [crypto] Fix memory leak in cms_verify_digest() 12 years ago
  Michael Brown 601cb3610f [crypto] Parse OCSP responder URI from X.509 certificate 12 years ago
  Michael Brown bd16deaa87 [crypto] Do not allow build-time cryptography settings to be overridden 12 years ago
  Michael Brown 63d9cc28b9 [crypto] Allow client certificate to be changed without a rebuild 12 years ago
  Michael Brown 02f1f3066d [crypto] Allow trusted root certificate to be changed without a rebuild 12 years ago