aboutsummaryrefslogtreecommitdiff
path: root/src/crypto/x509.c
AgeCommit message (Expand)AuthorFilesLines
2021-05-18[x509] Use case-insensitive comparison for certificate namesMichael Brown1-1/+2
2020-12-28[x509] Clarify debug message for an untrusted X.509 issuerJosh McSavaney1-1/+1
2020-12-09[x509] Make root of trust a reference-counted structureMichael Brown1-11/+45
2020-12-08[x509] Record root of trust used when validating a certificateMichael Brown1-4/+19
2020-12-08[asn1] Rename ASN1_OID_CURSOR to ASN1_CURSORMichael Brown1-9/+9
2018-03-18[ocsp] Centralise test for whether or not an OCSP check is requiredMichael Brown1-2/+2
2016-08-31[crypto] Add certstat() to display basic certificate informationMichael Brown1-2/+2
2016-08-25[crypto] Generalise X.509 "valid" field to a "flags" fieldMichael Brown1-4/+4
2016-08-25[crypto] Add image_x509() to extract X.509 certificates from imageMichael Brown1-0/+42
2015-08-02[crypto] Support SHA-{224,384,512} in X.509 certificatesMichael Brown1-0/+3
2015-04-24[base16] Add buffer size parameter to base16_encode() and base16_decode()Michael Brown1-1/+2
2015-03-05[build] Fix the REQUIRE_SYMBOL mechanismMichael Brown1-0/+3
2015-03-02[legal] Relicense files under GPL2_OR_LATER_OR_UBDLMichael Brown1-1/+5
2014-07-12[crypto] Fix debug messageMichael Brown1-1/+1
2014-07-11[crypto] Add support for iPAddress subject alternative namesMichael Brown1-0/+55
2014-04-01[crypto] Allow wildcard matches on commonName as well as subjectAltNameMichael Brown1-10/+8
2014-03-31[crypto] Add support for subjectAltName and wildcard certificatesMichael Brown1-8/+132
2014-03-30[crypto] Allow signed timestamp error margin to be configured at build timeMichael Brown1-2/+3
2014-03-28[crypto] Use fingerprint when no common name is available for debug messagesMichael Brown1-4/+14
2014-03-28[crypto] Generalise X.509 cache to a full certificate storeMichael Brown1-61/+32
2014-03-25[crypto] Remove dynamically-allocated storage for certificate OCSP URIMichael Brown1-26/+7
2014-03-25[crypto] Remove dynamically-allocated storage for certificate nameMichael Brown1-50/+86
2013-05-10[crypto] Report meaningful error when certificate chain validation failsMichael Brown1-7/+5
2012-07-20[legal] Update FSF mailing address in GPL licence textsMichael Brown1-1/+2
2012-07-09[arp] Try to avoid discarding ARP cache entriesMichael Brown1-1/+1
2012-06-20[crypto] Allow an error margin on X.509 certificate validity periodsMichael Brown1-2/+2
2012-05-22[crypto] Require OCSP check if certificate provides an OCSP URIMichael Brown1-0/+12
2012-05-21[crypto] Return a NULL X.509 certificate if construction failsMichael Brown1-0/+1
2012-05-15[crypto] Add framework for OCSPMichael Brown1-3/+3
2012-05-14[crypto] Parse OCSPSigning key purpose, if presentMichael Brown1-0/+8
2012-05-14[crypto] Generalise x509_parse_bit_string() to asn1_bit_string()Michael Brown1-93/+16
2012-05-14[crypto] Generalise asn1_{digest,pubkey,signature}_algorithm()Michael Brown1-66/+13
2012-05-14[crypto] Generalise x509_parse_time() to asn1_generalized_time()Michael Brown1-116/+10
2012-05-14[crypto] Parse X.509 raw public key bit stringMichael Brown1-2/+8
2012-05-09[crypto] Reduce standard debugging outputMichael Brown1-47/+49
2012-05-08[crypto] Add x509_auto_append()Michael Brown1-0/+66
2012-05-08[crypto] Add x509_append_raw()Michael Brown1-0/+32
2012-05-08[crypto] Check that common name contains no NUL charactersMichael Brown1-0/+9
2012-05-08[crypto] Allow for X.509 certificates with no common nameMichael Brown1-3/+3
2012-05-04[crypto] Allow certificate chains to be long-lived data structuresMichael Brown1-116/+362
2012-05-04[crypto] Parse OCSP responder URI from X.509 certificateMichael Brown1-6/+142
2012-03-22[crypto] Parse X.509 extended key usage extensionMichael Brown1-0/+85
2012-03-22[crypto] Differentiate "untrusted root" and "incomplete chain" error casesMichael Brown1-1/+13
2012-03-22[crypto] Shrink raw certificate data to fit certificateMichael Brown1-0/+1
2012-03-22[crypto] Add previous certificate in chain as a parameter to parse_next()Michael Brown1-4/+6
2012-03-22[crypto] Parse X.509 certificate serial numberMichael Brown1-2/+29
2012-03-22[crypto] Generalise X.509 OID-identified algorithm to asn1.cMichael Brown1-95/+28
2012-03-21[crypto] Validate path length constraint in certificate chainMichael Brown1-0/+14
2012-03-19[tls] Check certificate validity period against current date and timeMichael Brown1-7/+41
2012-03-19[tls] Parse X.509 validity times into seconds since the EpochMichael Brown1-12/+14
generated by cgit v1.1 at 2024-07-11 07:21:01 +0000