summaryrefslogtreecommitdiffstats
path: root/crypto/x509/x509_vfy.c
AgeCommit message (Expand)Author
2020-07-01Add X509_self_signed(), extending and improving documenation and testsDr. David von Oheimb
2020-07-01Fix issue 1418 by moving check of KU_KEY_CERT_SIGN and weakening check_issued()Dr. David von Oheimb
2020-07-01Optimization and safety precaution in find_issuer() of x509_vfy.c:Dr. David von Oheimb
2020-07-01Refactor (without semantic changes) crypto/x509/{v3_purp.c,x509_vfy.c}Dr. David von Oheimb
2020-07-01Improve documentation, layout, and code comments regarding self-issued certs ...Dr. David von Oheimb
2020-05-26Coverity 1463830: Resource leaks (RESOURCE_LEAK)Pauli
2020-05-18Fix some places where X509_up_ref is usedBernd Edlinger
2020-04-30coverity 1462560 Resource leakPauli
2020-04-24In OpenSSL builds, declare STACK for datatypes ...Rich Salz
2020-04-16Introduce an internal version of X509_check_issued()Matt Caswell
2020-04-16Create a libctx aware X509_verify_ex()Matt Caswell
2020-04-09Use the libctx and propq from the X509_STORE_CTXMatt Caswell
2020-04-08Add X509_STORE_CTX_new_with_libctx()Matt Caswell
2020-04-06Set X509_V_ERR_INVALID_EXTENSION error for invalid basic constraintsTomas Mraz
2020-03-23Constify various mostly X509-related parameter types in crypto/ and apps/Dr. David von Oheimb
2020-03-21Fix error handling in x509v3_cache_extensions and related functionsBernd Edlinger
2019-12-04add X509_cmp_timeframe() including its documentationDr. David von Oheimb
2019-10-09Explicitly test against NULL; do not use !p or similarRich Salz
2019-09-28Reorganize local header filesDr. Matthias St. Pierre
2019-09-28Reorganize private crypto header filesDr. Matthias St. Pierre
2019-08-14Add missing EBCDIC stringsopensslonzos-github
2019-07-31Rename X509_STORE ptr stored in opaque struct X509_STORE_CTXShane Lontis
2018-12-20Admit unknown pkey types at security level 0Ken Goldman
2018-12-06Following the license change, modify the boilerplates in crypto/x509/Richard Levitte
2018-10-18Apply self-imposed path length also to root CAsViktor Dukhovni
2018-10-18Only CA certificates can be self-issuedViktor Dukhovni
2018-05-23Skip CN DNS name constraint checks when not neededViktor Dukhovni
2018-05-01Update copyright yearMatt Caswell
2018-04-24X509: add more error codes on malloc or sk_TYP_push failureFdaSilvaYY
2017-09-29Remove unnecessary #include <openssl/lhash.h> directives.Pauli
2017-09-22Guard against DoS in name constraints handling.David Benjamin
2017-08-22Use "" not <> for internal/ includesRich Salz
2017-08-22This has been added to avoid the situation where some host ctype.h functionsPauli
2017-08-21Remove OPENSSL_assert() from crypto/x509Matt Caswell
2017-04-25Use X509_get_signature_info() when checking security levels.Dr. Stephen Henson
2017-02-24X509 time: tighten validation per RFC 5280Emilia Kasper
2016-12-02Restore last-resort expired untrusted intermediate issuersViktor Dukhovni
2016-08-24Un-delete still documented X509_STORE_CTX_set_verifyViktor Dukhovni
2016-08-23Add some sanity checks when checking CRL scoresMatt Caswell
2016-08-19Constify certificate and CRL time routines.Dr. Stephen Henson
2016-08-05spelling fixes, just comments and readme.klemens
2016-08-03Don't check any revocation info on proxy certificatesRichard Levitte
2016-07-29Fix CRL time comparison.Dr. Stephen Henson
2016-07-26Remove current_method from X509_STORE_CTXDr. Stephen Henson
2016-07-25Add setter and getter for X509_STORE's check_policyRichard Levitte
2016-07-25Add getters / setters for the X509_STORE_CTX and X509_STORE functionsRichard Levitte
2016-07-22Use newest CRL.Dr. Stephen Henson
2016-07-12Perform DANE-EE(3) name checks by defaultViktor Dukhovni
2016-07-11Add nameConstraints commonName checking.Dr. Stephen Henson
2016-06-30Remove the envvar hack to enable proxy cert processingRichard Levitte
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 13:16:56 +0000