aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/x509
Commit message (Collapse)AuthorAgeFilesLines
* Run util/openssl-format-source -v -c .Matt Caswell2015-01-2227-7749/+7581
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Move more comments that confuse indentMatt Caswell2015-01-221-3/+6
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* indent has problems with comments that are on the right hand side of a line.Matt Caswell2015-01-222-36/+67
| | | | | | | Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Reviewed-by: Tim Hudson <tjh@openssl.org>
* More indent fixes for STACK_OFMatt Caswell2015-01-222-2/+2
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Fix indent issue with functions using STACK_OFMatt Caswell2015-01-222-4/+4
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Further comment changes for reformat (master)Matt Caswell2015-01-224-11/+12
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Cleanup OPENSSL_NO_xxx, part 1master-pre-reformatRich Salz2015-01-142-11/+11
| | | | | | | | | | OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixed: OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE Reviewed-by: Richard Levitte <levitte@openssl.org>
* Further comment amendments to preserve formatting prior to source reformatMatt Caswell2015-01-061-1/+2
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Constify ASN1_TYPE_cmp add X509_ALGOR_cmp.Dr. Stephen Henson2015-01-051-0/+1
| | | | Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Fix various certificate fingerprint issues.Dr. Stephen Henson2015-01-051-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By using non-DER or invalid encodings outside the signed portion of a certificate the fingerprint can be changed without breaking the signature. Although no details of the signed portion of the certificate can be changed this can cause problems with some applications: e.g. those using the certificate fingerprint for blacklists. 1. Reject signatures with non zero unused bits. If the BIT STRING containing the signature has non zero unused bits reject the signature. All current signature algorithms require zero unused bits. 2. Check certificate algorithm consistency. Check the AlgorithmIdentifier inside TBS matches the one in the certificate signature. NB: this will result in signature failure errors for some broken certificates. 3. Check DSA/ECDSA signatures use DER. Reencode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program for discovering this case) and use of BER or invalid ASN.1 INTEGERs (negative or with leading zeroes). CVE-2014-8275 Reviewed-by: Emilia Käsper <emilia@openssl.org>
* mark all block comments that need format preserving so thatTim Hudson2014-12-305-6/+10
| | | | | | | indent will not alter them when reformatting comments Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATEDMatt Caswell2014-12-181-1/+1
| | | | | | Introduce use of DECLARE_DEPRECATED Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove fipscanister build functionality from makefiles.Dr. Stephen Henson2014-12-081-1/+1
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* Remove all .cvsignore filesRich Salz2014-11-281-4/+0
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* RT1909: Omit version for v1 certificatesGeoff Keating2014-09-091-0/+6
| | | | | | | When calling X509_set_version to set v1 certificate, that should mean that the version number field is omitted. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* RT2841: Extra return in check_issuedPaul Suhler2014-09-081-1/+0
| | | | Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* Add i2d_re_X509_tbsEmilia Kasper2014-09-051-0/+2
| | | | | | | i2d_re_X509_tbs re-encodes the TBS portion of the certificate. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Dr Stephen Henson <steve@openssl.org>
* NETSCAPE_SPKI_b64_encode: free der_spki and b64_str on error pathJonas Maebe2014-08-171-0/+4
| | | | | Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* get_cert_by_subject: check for NULL when allocating hentJonas Maebe2014-08-171-0/+7
| | | | | Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* RT2751: Declare get_issuer_sk() earlier.Rich Salz2014-08-151-0/+1
| | | | | | | Add a declaration for get_issuer_sk() so that other functions in x509_vf.c could use it. (Planned work around cross-certification chains.) Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Update API to use (char *) for email addresses and hostnamesViktor Dukhovni2014-07-074-20/+22
| | | | | | Reduces number of silly casts in OpenSSL code and likely most applications. Consistent with (char *) for "peername" value from X509_check_host() and X509_VERIFY_PARAM_get0_peername().
* Set optional peername when X509_check_host() succeeds.Viktor Dukhovni2014-07-061-1/+2
| | | | | Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host(). Document modified interface.
* New peername element in X509_VERIFY_PARAM_IDViktor Dukhovni2014-07-063-1/+10
| | | | Declaration, memory management, accessor and documentation.
* Make depend.Ben Laurie2014-06-301-1/+1
|
* One more typo when changing !result to result <= 0Viktor Dukhovni2014-06-231-1/+1
|
* Fix typo in last commitViktor Dukhovni2014-06-221-1/+1
|
* Multiple verifier reference identities.Viktor Dukhovni2014-06-224-10/+102
| | | | Implemented as STACK_OF(OPENSSL_STRING).
* X509_check_mumble() failure is <= 0, not just 0Viktor Dukhovni2014-06-221-3/+3
|
* Drop hostlen from X509_VERIFY_PARAM_ID.Viktor Dukhovni2014-06-223-8/+4
| | | | | Just store NUL-terminated strings. This works better when we add support for multiple hostnames.
* Don't use expired certificates if possible.Dr. Stephen Henson2014-05-253-9/+37
| | | | | | | | When looking for the issuer of a certificate, if current candidate is expired, continue looking. Only return an expired certificate if no valid certificates are found. PR#3359
* Rename vpm_int.h to x509_lcl.hDr. Stephen Henson2014-05-254-6/+6
|
* Fixes to host checking.Viktor Dukhovni2014-05-214-2/+13
| | | | | | Fixes to host checking wild card support and add support for setting host checking flags when verifying a certificate chain.
* For self signed root only indicate one error.Dr. Stephen Henson2014-03-031-2/+5
| | | | (cherry picked from commit bdfc0e284c89dd5781259cc19aa264aded538492)
* x509/by_dir.c: fix run-away pointer (and potential SEGV)Andy Polyakov2014-02-241-4/+2
| | | | | | | when adding duplicates in add_cert_dir. PR: 3261 Reported by: Marian Done
* make dependDr. Stephen Henson2014-02-191-2/+2
|
* Include TA in checks/callback with partial chains.Dr. Stephen Henson2014-02-141-1/+1
| | | | | | When a chain is complete and ends in a trusted root checks are also performed on the TA and the callback notified with ok==1. For consistency do the same for chains where the TA is not self signed.
* Don't do loop detection for self signed check.Dr. Stephen Henson2014-02-141-0/+2
|
* Compare encodings in X509_cmp as well as hash.Dr. Stephen Henson2014-01-261-1/+14
|
* Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.Dr. Stephen Henson2014-01-091-3/+2
|
* Add opaque ID structure.Dr. Stephen Henson2013-12-135-37/+139
| | | | | | | | | | | | Move the IP, email and host checking fields from the public X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID structure. By doing this the structure can be modified in future without risk of breaking any applications. (cherry picked from commit adc6bd73e3bd10ce6e76867482e8d137071298d7) Conflicts: crypto/x509/x509_vpm.c
* Fix for partial chain notification.Dr. Stephen Henson2013-12-131-1/+5
| | | | | | | For consistency with other cases if we are performing partial chain verification with just one certificate notify the callback with ok==1. (cherry picked from commit 852553d9005e13aed7feb986a5d71cb885b994c7)
* Partial path fix.Dr. Stephen Henson2013-09-081-11/+8
| | | | | When verifying a partial path always check to see if the EE certificate is explicitly trusted: the path could contain other untrusted certificates.
* Make no-ec compilation work.Dr. Stephen Henson2013-08-171-0/+16
|
* Fix verify loop with CRL checking.Dr. Stephen Henson2013-07-121-0/+11
| | | | | | | | | | | PR #3090 Reported by: Franck Youssef <fry@open.ch> If no new reason codes are obtained after checking a CRL exit with an error to avoid repeatedly checking the same CRL. This will only happen if verify errors such as invalid CRL scope are overridden in a callback.
* Reencode with X509_CRL_ctx_sign too.Dr. Stephen Henson2013-06-051-0/+1
|
* Reencode certificates in X509_sign_ctx.Dr. Stephen Henson2013-05-021-0/+1
| | | | | | | Reencode certificates in X509_sign_ctx as well as X509_sign. This was causing a problem in the x509 application when it modified an existing certificate.
* Make "make depend" work on MacOS out of the box.Ben Laurie2013-01-191-7/+9
|
* Fix warning.Ben Laurie2013-01-061-1/+1
|
* Make partial chain checking work if we only have the EE certificate inDr. Stephen Henson2012-12-211-0/+41
| | | | the trust store.
* New verify flag to return success if we have any certificate in theDr. Stephen Henson2012-12-132-0/+11
| | | | | trusted store instead of the default which is to return an error if we can't build the complete chain.
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-12 03:14:29 +0000