summaryrefslogtreecommitdiffstats
path: root/crypto/x509/x509_vfy.c
AgeCommit message (Expand)Author
2021-02-18chain_build(): Call verify_cb_cert() if a preliminary error has become finalDr. David von Oheimb
2021-02-17x509_vfy: fix mem leaks in chain_build() on malloc error Coverify CID 1473068Dr. David von Oheimb
2021-02-15x509_vfy: remove redundant stack allocationBenjamin Kaduk
2021-02-11X509_STORE_CTX_cleanup(): Use internally so no need to call explicitlyDr. David von Oheimb
2021-02-11x509_vfy.c: Make chain_build() error diagnostics to the pointDr. David von Oheimb
2021-02-09x509_vfy.c: Sort out return values 0 vs. -1 (failure/internal error)Dr. David von Oheimb
2021-02-09X509_get_pubkey_parameters(): Correct failure behavior and its useDr. David von Oheimb
2021-02-09x509_vfy.c: Fix various coding style and documentation style nitsDr. David von Oheimb
2021-02-06Add X509_STORE_CTX_verify(), which takes the first untrusted cert as default ...Dr. David von Oheimb
2021-02-04x509_vfy.c: Improve coding style and comments all over the fileDr. David von Oheimb
2021-02-04Allow NULL arg to OPENSSL_sk_{dup,deep_copy} returning empty stackDr. David von Oheimb
2021-01-28Update copyright yearRichard Levitte
2021-01-26Deprecate EC_KEY + Update ec apps to use EVP_PKEYShane Lontis
2021-01-20x509_vfy.c: Rename CHECK_CB() to the more intuitively readable CB_FAIL_IF()Dr. David von Oheimb
2021-01-14find_issuer(): When returning an expired issuer, take the most recently expir...Dr. David von Oheimb
2021-01-13x509_vfy.c: Fix a regression in find_issuer()Dr. David von Oheimb
2021-01-13Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1Dr. David von Oheimb
2020-12-04x509_vfy.c: Improve comments (correcting typos etc.)Dr. David von Oheimb
2020-12-03x509_vfy.c: Restore rejection of expired trusted (root) certificateDr. David von Oheimb
2020-12-03remove unused assignmentsPauli
2020-11-22x509_vfy.c: Remove superfluous assignment to 'ret' in check_chain()Ankita Shetty
2020-11-13Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() callRichard Levitte
2020-11-06x509_vfy.c: Call verification callback individually per strict check in check...David von Oheimb
2020-11-06x509_vfy.c: Introduce CHECK_CB macro simplifying use of cert verification cb ...David von Oheimb
2020-10-15Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre
2020-10-08Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATUREAndré Klitzing
2020-10-01Run the withlibctx.pl scriptMatt Caswell
2020-09-17Rename check_chain_extensions to check_chainTomas Mraz
2020-09-17Disallow certs with explicit curve in verification chainTomas Mraz
2020-09-16free memory use on error in cert verifyPauli
2020-09-13Ignore unused return values from some sk_*() macrosMatt Caswell
2020-09-13Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and OPENSSL_BLOCKMatt Caswell
2020-09-13Fix safestack issues in x509v3.hMatt Caswell
2020-09-13Fix safestack issues in x509.hMatt Caswell
2020-09-11check_chain_extensions(): Require X.509 v3 if extensions are presentDr. David von Oheimb
2020-09-11check_chain_extensions(): Change exclusion condition w.r.t. RFC 6818 section 2Dr. David von Oheimb
2020-09-11x509_vfy.c: Make sure that strict checks are not done for self-issued EE certsDr. David von Oheimb
2020-09-11check_chain_extensions(): Add check that CA cert includes key usage extensionDr. David von Oheimb
2020-09-11check_chain_extensions(): Add check that on empty Subject the SAN must be mar...Dr. David von Oheimb
2020-09-11check_chain_extensions(): Add check that AKID and SKID are not marked criticalDr. David von Oheimb
2020-09-11check_chain_extensions(): Add check that Basic Constraints of CA cert are mar...Dr. David von Oheimb
2020-09-11Extend X509 cert checks and error reporting in v3_{purp,crld}.c and x509_{set...Dr. David von Oheimb
2020-08-12Introduce X509_add_cert[s] simplifying various additions to cert listsDr. David von Oheimb
2020-07-24Add X509 related libctx changes.Shane Lontis
2020-07-16x509_vfy.c: Improve key usage checks in internal_verify() of cert chainsDr. David von Oheimb
2020-07-01Add X509_self_signed(), extending and improving documenation and testsDr. David von Oheimb
2020-07-01Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued()Dr. David von Oheimb
2020-07-01Optimization and safety precaution in find_issuer() of x509_vfy.c:Dr. David von Oheimb
2020-07-01Refactor (without semantic changes) crypto/x509/{v3_purp.c,x509_vfy.c}Dr. David von Oheimb
2020-07-01Improve documentation, layout, and code comments regarding self-issued certs ...Dr. David von Oheimb
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 14:46:07 +0000