aboutsummaryrefslogtreecommitdiff
path: root/crypto/x509
AgeCommit message (Expand)AuthorFilesLines
2020-09-20ENCODER: Adapt calls to the changed OSSL_ENCODER_CTX_new_by_EVP_PKEY()Richard Levitte1-6/+13
2020-09-17Rename check_chain_extensions to check_chainTomas Mraz2-4/+4
2020-09-17Disallow certs with explicit curve in verification chainTomas Mraz2-0/+37
2020-09-16free memory use on error in cert verifyPauli1-0/+1
2020-09-13Ignore unused return values from some sk_*() macrosMatt Caswell3-3/+3
2020-09-13Fix safestack issues in conf.hMatt Caswell20-40/+0
2020-09-13Fix safestack issues in asn1t.hMatt Caswell1-2/+0
2020-09-13Fix safestack issues in x509_vfy.hMatt Caswell3-7/+0
2020-09-13Fix safestack issues in asn1.hMatt Caswell15-26/+0
2020-09-13Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and OPENSSL_BLOCKMatt Caswell4-6/+0
2020-09-13Fix safestack issues in x509v3.hMatt Caswell23-41/+0
2020-09-13Fix safestack issues in x509.hMatt Caswell25-40/+0
2020-09-11check_chain_extensions(): Require X.509 v3 if extensions are presentDr. David von Oheimb2-0/+6
2020-09-11check_chain_extensions(): Change exclusion condition w.r.t. RFC 6818 section 2Dr. David von Oheimb1-2/+5
2020-09-11x509_vfy.c: Make sure that strict checks are not done for self-issued EE certsDr. David von Oheimb1-6/+9
2020-09-11check_chain_extensions(): Add check that CA cert includes key usage extensionDr. David von Oheimb2-4/+10
2020-09-11check_chain_extensions(): Add check that on empty Subject the SAN must be mar...Dr. David von Oheimb3-6/+9
2020-09-11check_chain_extensions(): Add check that AKID and SKID are not marked criticalDr. David von Oheimb3-7/+25
2020-09-11check_chain_extensions(): Add check that Basic Constraints of CA cert are mar...Dr. David von Oheimb3-2/+13
2020-09-11Extend X509 cert checks and error reporting in v3_{purp,crld}.c and x509_{set...Dr. David von Oheimb7-86/+234
2020-09-10X509_NAME_cmp: restrict normal return values to {-1,0,1} to avoid confusion w...Dr. David von Oheimb1-19/+19
2020-09-10X509_NAME_oneline(): Fix output of multi-valued RDNs, escaping '/' and '+' in...Dr. David von Oheimb1-10/+16
2020-09-05X509_STORE_CTX_print_verify_cb(): add AKID and SKID output for (non-)trusted ...Dr. David von Oheimb2-7/+21
2020-09-03STORE: Move the built-in 'file:' loader to become an engine moduleRichard Levitte1-1/+1
2020-08-26RFC 8398: EAI comparisonDmitry Belyavskiy1-2/+16
2020-08-26RFC 8398: Name constraints validationDmitry Belyavskiy1-5/+68
2020-08-26crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc()Richard Levitte1-3/+11
2020-08-24STORE: Modify to support loading with provider based loadersRichard Levitte1-0/+9
2020-08-21Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODERichard Levitte1-13/+13
2020-08-21Add libctx and propq param to ASN.1 sign/verify/HMAC/decryptDr. David von Oheimb1-60/+7
2020-08-21x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx()Dr. David von Oheimb1-4/+1
2020-08-21Make sure x509v3_cache_extensions() does not modify the error queueDr. David von Oheimb1-0/+2
2020-08-20X509: Add d2i_PUBKEY_ex(), which take a libctx and propqRichard Levitte1-8/+47
2020-08-13Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_httpDr. David von Oheimb1-4/+0
2020-08-12Introduce X509_add_cert[s] simplifying various additions to cert listsDr. David von Oheimb3-48/+66
2020-08-09Add libctx support to PKCS7.Shane Lontis1-2/+13
2020-08-09Add internal method x509_set0_libctx().Shane Lontis1-0/+14
2020-08-06Update copyright yearMatt Caswell1-1/+1
2020-08-04Add 'section=...' info in error output of X509V3_EXT_nconf() as far as approp...Dr. David von Oheimb1-12/+31
2020-08-04Rename misleading X509V3_R_INVALID_NULL_NAME to X509V3_R_INVALID_EMPTY_NAMEDr. David von Oheimb2-5/+5
2020-08-04Correct confusing X509V3 conf error output by removing needless 'section:<NUL...Dr. David von Oheimb13-33/+46
2020-08-04Coverity Fixes for issue #12531Norman Ashley1-0/+1
2020-07-24Add X509 related libctx changes.Shane Lontis10-150/+276
2020-07-16x509_vfy.c: Improve key usage checks in internal_verify() of cert chainsDr. David von Oheimb2-15/+41
2020-07-16Constify X509_check_akid and prefer using X509_get0_serialNumber over X509_ge...Dr. David von Oheimb4-6/+5
2020-07-01X509v3_cache_extensions(): Improve coding style and doc, fix case 'sha1 == NULL'Dr. David von Oheimb1-26/+39
2020-07-01Add X509_self_signed(), extending and improving documenation and testsDr. David von Oheimb1-16/+33
2020-07-01Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued()Dr. David von Oheimb2-24/+18
2020-07-01Optimization and safety precaution in find_issuer() of x509_vfy.c:Dr. David von Oheimb1-1/+5
2020-07-01Refactor (without semantic changes) crypto/x509/{v3_purp.c,x509_vfy.c}Dr. David von Oheimb4-55/+77
generated by cgit v1.1 at 2024-07-14 13:14:47 +0000