aboutsummaryrefslogtreecommitdiff
path: root/openssl/src/x509
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #937 from marcoh00/iterable-x509namesSteven Fackler2018-07-072-7/+64
|\ | | | | X509NameRef: Provide an iterator over all entries
| * Only grab the name entry count when neededSteven Fackler2018-06-261-3/+1
| |
| * Rename X509NameRef::all_entries and refactor end-of-iterator checksMarco Huenseler2018-06-032-6/+8
| |
| * Provide an Asn1Object getter method for X509NameEntryRefMarco Huenseler2018-06-032-0/+16
| |
| * Make X509NameRef provide an iterator over all X509NameEntriesMarco Huenseler2018-06-032-5/+46
| |
* | Switch to accessors in libressl where possibleSteven Fackler2018-06-091-24/+28
|/ | | | | | | Some accessors are mysteriously still macros so we can't make everything opaque yet, unfortunately. cc #909
* Add SslRef::verified_chainSteven Fackler2018-05-291-6/+4
|
* Rename X509Ref::fingerprint to X509Ref::digest and avoid allocatingSteven Fackler2018-05-242-13/+25
|
* Overhaul openssl cfgsSteven Fackler2018-05-202-84/+84
| | | | Also expose hostname verification on libressl
* Support min/max version in LibreSSLSteven Fackler2018-05-191-5/+8
| | | | | Their implementations of the accessors don't behave expected with no bounds, so we ignore those bits of the tests.
* Add functions to X509Req to obtain public key and extensionsRené Richter2018-04-212-0/+26
| | | | This allows for basic CSR signing.
* Fix a flag nameSteven Fackler2018-03-291-3/+5
|
* Clean up a couple of holdovers from old featuresSteven Fackler2018-03-291-4/+85
|
* Add Asn1IntegerRef::to_bnSteven Fackler2018-03-281-0/+1
| | | | Also deprecate Asn1IntegerRef since it's just asking for trouble.
* Add X509Ref::serial_numberSteven Fackler2018-03-281-0/+13
|
* Remove version-specific featuresSteven Fackler2018-03-191-2/+1
| | | | Closes #852
* Tweak verify_cert's signatureSteven Fackler2018-03-112-36/+40
| | | | | The call can fail either due to an invalid cert or an internal error, and we should distinguish between the two.
* Changes `init` to take a closure which is called with the initialized contextBastian Köcher2018-03-112-14/+28
| | | | | After calling the closure, we automatically cleanup the context. This is required, because otherwise we could have dangling references in the context.
* Moves store context init into its own functionBastian Köcher2018-03-102-13/+24
|
* Extends the test to verify the certificate two timesBastian Köcher2018-03-081-0/+2
|
* Moves `cleanup` into its own functionBastian Köcher2018-03-081-5/+14
|
* Fixes the implementation of `X509StoreContextRef::verify_cert`Bastian Köcher2018-03-072-34/+38
| | | | | | The certificate, the store and the certificates chain does not need to be consumed by `verify_cert` and instead are taken as references. We also call `X509_STORE_CTX_cleanup`, after the verification succeeded.
* delay return until after forgetsBenjamin Fry2018-03-071-2/+4
|
* cleanup and add negative testBenjamin Fry2018-03-072-6/+23
|
* add cleanup ffi to store contextBenjamin Fry2018-03-072-3/+7
|
* restructure to self contained functionBenjamin Fry2018-03-072-8/+12
|
* Little tweaksSteven Fackler2018-03-071-4/+4
|
* convert to raw pass-through methodsBenjamin Fry2018-03-072-7/+23
|
* add comment about consuming self in verify_certBenjamin Fry2018-03-071-0/+3
|
* fix error checkBenjamin Fry2018-03-072-5/+4
|
* properly version library functionsBenjamin Fry2018-03-072-0/+8
|
* Fix memory mgmtBenjamin Fry2018-03-071-1/+1
|
* add verify_cert and store_context_builderBenjamin Fry2018-03-071-0/+17
|
* Remove the x509 module-level exampleSteven Fackler2018-03-051-33/+0
| | | | | | | | | | | | The example generated a bogus certificate that was missing a serial number, a validity range, etc. Generating a correct x509 certificate is complex enough that doing it correctly is too long to be a reasonable doc example. There's already a more complete example in the examples directory that handles things more correctly. Closes #859
* Tweak featuresSteven Fackler2018-02-141-2/+2
| | | | We should keep the version features totally separate for now.
* OpenSSL 1.1.1 supportSteven Fackler2018-02-131-1/+1
|
* Don't leak X509sSteven Fackler2018-02-121-5/+4
|
* add support for rfc822Name (email) and uniformResourceIdentifier (uri) to ↵Ian P. Cooke2018-01-152-7/+32
| | | | GeneralName
* Rename key serialization/deserialization methodsSteven Fackler2018-01-061-25/+92
| | | | | | Also document their specific formats. Closes #502
* Fix links in x509 moduleAnsley Peduru2018-01-011-2/+4
|
* Merge branch 'master' into x509-docsAnsley Peduru2018-01-012-25/+6
|\
| * Move X509Filetype to SslFiletypeSteven Fackler2018-01-011-12/+0
| | | | | | | | | | | | These constants have the same values, but X509_FILETYPE_DEFAULT doesn't work in the Ssl methods and using the SSL_* names is a bit less confusing.
| * Bump hex to 0.3Bastien Orivel2018-01-011-8/+6
| | | | | | | | | | The `to_hex` method has been removed and `hex::encode` should be used instead.
* | Fix x509 doc examplesAnsley Peduru2018-01-012-12/+44
| |
* | Add documentation for x509 moduleAnsley Peduru2017-12-313-3/+265
|/
* Parameterize keys over what they containSteven Fackler2017-12-302-8/+20
| | | | Closes #790
* Add issuer name access.Steven Fackler2017-12-291-3/+47
| | | | Closes #808
* Split X509StoreContextRef::ssl upSteven Fackler2017-12-261-15/+22
|
* Overhaul verify error typeSteven Fackler2017-12-262-28/+30
| | | | Also set the error in the hostname verification callback for 1.0.1
* Remove deprecated APIsSteven Fackler2017-12-253-632/+5
|
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-11 23:09:56 +0000