Richard Levitte
|
ffd2df135a
X509_check_issued: check that signature algo matches signing key algo
|
5 lat temu |
Richard Levitte
|
3e4b43b9e5
Following the license change, modify the boilerplates in crypto/x509/
|
6 lat temu |
KaoruToda
|
26a7d938c9
Remove parentheses of return.
|
7 lat temu |
Pauli
|
f32b0abe26
Remove unnecessary #include <openssl/lhash.h> directives.
|
7 lat temu |
Todd Short
|
3bb0f989b5
OCSP Updates: error codes and multiple certificates
|
9 lat temu |
Richard Levitte
|
c8223538cb
Check that the subject name in a proxy cert complies to RFC 3820
|
8 lat temu |
Viktor Dukhovni
|
f75b34c8c8
When strict SCT fails record verification failure
|
8 lat temu |
Viktor Dukhovni
|
f3e235ed6f
Ensure verify error is set when X509_verify_cert() fails
|
8 lat temu |
Rich Salz
|
b1322259d9
Copyright consolidation 09/10
|
8 lat temu |
Viktor Dukhovni
|
fbb82a60dc
Move peer chain security checks into x509_vfy.c
|
8 lat temu |
Viktor Dukhovni
|
d33def6624
Deprecate the -issuer_checks debugging option
|
8 lat temu |
Viktor Dukhovni
|
c0a445a9f2
Suppress DANE TLSA reflection when verification fails
|
8 lat temu |
Rich Salz
|
349807608f
Remove /* foo.c */ comments
|
9 lat temu |
Richard Levitte
|
b39fc56061
Identify and move common internal libcrypto header files
|
9 lat temu |
Matt Caswell
|
0f113f3ee4
Run util/openssl-format-source -v -c .
|
9 lat temu |
Dr. Stephen Henson
|
3bf15e2974
Integrate host, email and IP address checks into X509_verify.
|
12 lat temu |
Dr. Stephen Henson
|
3ad344a517
add suite B chain validation flags and associated verify errors
|
12 lat temu |
Dr. Stephen Henson
|
2b3936e882
avoid verification loops in trusted store when path building
|
14 lat temu |
Dr. Stephen Henson
|
4b96839f06
Add support for CRLs partitioned by reason code.
|
16 lat temu |
Dr. Stephen Henson
|
e9746e03ee
Initial support for name constraints certificate extension.
|
16 lat temu |
Andy Polyakov
|
3005764c18
Typo in x509_txt.c.
|
17 lat temu |
Ben Laurie
|
96ea4ae91c
Add RFC 3779 support.
|
18 lat temu |
Dr. Stephen Henson
|
bc7535bc7f
Support for AKID in CRLs and partial support for IDP. Overhaul of CRL
|
18 lat temu |
Richard Levitte
|
d9bfe4f97c
Added restrictions on the use of proxy certificates, as they may pose
|
19 lat temu |
Richard Levitte
|
6951c23afd
Add functionality needed to process proxy certificates.
|
20 lat temu |
Richard Levitte
|
30b415b076
Make an explicit check during certificate validation to see that the
|
20 lat temu |
Dr. Stephen Henson
|
5d7c222db8
New X509_VERIFY_PARAM structure and associated functionality.
|
20 lat temu |
Dr. Stephen Henson
|
bc50157010
Various X509 fixes. Disable broken certificate workarounds
|
20 lat temu |
Richard Levitte
|
d420ac2c7d
Use BUF_strlcpy() instead of strcpy().
|
21 lat temu |
Dr. Stephen Henson
|
f1558bb424
|
23 lat temu |