summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Only do shared object and DLL initialization in librariesStef Walter2013-02-204-49/+122
| | | | | | Don't do library initialization on shared object load when not running in a library. We'll want to plug into this and do different things per library in the future.
* Move pkcs11.conf and module documentation to a manual pageStef Walter2013-02-206-162/+239
|
* Pull translations from transifexStef Walter2013-02-1340-21/+11845
| | | | | | * Build a script to help with this https://bugs.freedesktop.org/show_bug.cgi?id=60792
* Relicense the buffer code appropriate for inclusion in p11-kitStef Walter2013-02-122-46/+68
| | | | | * All original lines in this file upon arrival in the p11-kit project were written by me, and copyright held by me.
* Release version 0.15.2Stef Walter2013-02-122-1/+7
| | | | * This is an unstable release
* Add finish translationTimo Jyrinki2013-02-122-0/+344
|
* Add and enable German gettext translationAndreas Metzler2013-02-124-0/+361
| | | | | Enable installation of gettext translations and add German translation by Chris Leick.
* Respect destdir when creating package module config directoryAndreas Metzler2013-02-121-1/+1
|
* Fix dereference of varargs in p11_attrs_build()Stef Walter2013-02-111-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=60473
* Remove unnecessary code to be more compatible with various libtasn1 versionsStef Walter2013-02-111-4/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=60434
* Don't require explictly disabling trust module if --without-libtasn1Andreas Metzler2013-02-071-12/+16
| | | | | | | And provide more intelligent error messages about why to build with libtasn1 Tweaked by Stef Walter
* Fix various clang analyzer warningsStef Walter2013-02-068-8/+29
| | | | | * Add annotations to our precondition functions so that they don't make the analyzer complain
* Our minimum version of libtasn1 is 2.14Stef Walter2013-02-051-1/+1
|
* Release version 0.15.1Stef Walter2013-02-052-1/+15
| | | | * This is an unstable release
* Add a placeholder external 'extract-trust' commandStef Walter2013-02-056-0/+75
|
* Implement support for java JKS keystore formatStef Walter2013-02-054-2/+339
| | | | | * All aliases must be lower case in order to work with the default keystore implementation.
* Use the CN, OU or O of certificates to generate a labelStef Walter2013-02-0514-101/+318
| | | | | * This is in cases where the certificate information does not already have a friendly name or alias.
* Add support for exporting OpenSSL's TRUSTED CERTIFICATE formatStef Walter2013-02-0518-0/+2378
|
* Add support for extracting to pem-bundle and pem-directory formatsStef Walter2013-02-059-0/+541
|
* Implement code for writing PEMStef Walter2013-02-055-4/+237
| | | | | | | * Based on the gcr code * Bring in base64 output code from BSD * Make sure to output base64 lines of 64 character length since this is what OpenSSL expects
* Implement basic extract supportStef Walter2013-02-0515-2/+1796
| | | | | | * The only formats supported are x509-file and x509-directory Allow tool to build without extract
* Support for sane writing to files extractedStef Walter2013-02-0510-0/+1504
| | | | | | * Implement atomic writes of files * Writing with checks that not overwriting anything unless desired * Writing and overwriting of directory contents in a robust way
* Add public iterator API to p11-kitStef Walter2013-02-0513-10/+2308
|
* Allow internal use of token and module info matchingStef Walter2013-02-052-20/+41
|
* Move the X.509 extension parsing code in common/Stef Walter2013-02-055-133/+335
| | | | * So it can be used by other code, in addition to the trust stuff
* Add p11_array_clear() functionStef Walter2013-02-053-7/+43
| | | | * Clears an array without freeing the array itself
* Implement trust assertion PKCS#11 objectsStef Walter2013-02-0511-53/+804
| | | | | | * Implement trust assertions for anchored and distrusted certs * Pinned certificate trust assertions are not implemented yet * Add an internal tool for pulling apart bits of certificates
* Refactor how parsing of ASN.1 data and certificate extensions workStef Walter2013-02-0514-667/+1193
|
* Fill in certificate authority and trust data correctlyStef Walter2013-02-058-168/+552
| | | | | | | | | | | | * Fill in CKA_CERTIFICATE_CATEGORY properly for authorities based on the presence of BasicConstraints and/or v1 certificates * Fill in CKA_TRUSTED and CKA_X_DISTRUSTED based on whether the parser is running for anchors or blacklist * In addition support the concept of blacklisted certificates mixed in with the anchors (without any purposes) since that's what exists in the real world. * We do this after the various hooks have had a chance to mess with the certificate extensions and such.
* Implement stapled certificate extensions internallyStef Walter2013-02-0517-387/+1450
| | | | | | | | | | | | * Use stapled certificate extensions to represent loaded trust policy * Build NSS trust objects from stapled certificate extensions * Add further attribute debugging for NSS trust objects * Use a custom certificate extension for the OpenSSL reject purpose data * Use SubjectKeyIdentifier for OpenSSL keyid data * Use ExtendedKeyUsage for OpenSSL trust purpose data * Implement simple way to handle binary DER OIDs, using the DER TLV length. DER OIDs are used in the CKA_OBJECT_ID value, and elsewhere. * Split out the building of NSS trust objects from the main parser
* Better debugging and checks for attribute valuesStef Walter2013-02-054-86/+124
|
* Add tool for testing how fast the token loadsStef Walter2013-02-052-0/+65
|
* Some debug info about which files are being loadedStef Walter2013-02-051-2/+15
|
* Test a TRUSTED CERTIFICATE without any trust OIDsStef Walter2013-02-054-0/+40
|
* Add the builtin roots NSS specific objectStef Walter2013-02-054-5/+61
| | | | This tells NSS that this is a source of anchors.
* Add support for openssl TRUSTED CERTIFICATE PEM filesStef Walter2013-02-058-40/+368
|
* Add support for parsing PEM filesStef Walter2013-02-0512-6/+910
|
* Add basic trust moduleStef Walter2013-02-0560-47/+6580
| | | | | | This is based off the roots-store from gnome-keyring and loads certificates from a root directory and exposes them as PKCS#11 objects.
* Add basic checksum algorithmsStef Walter2013-02-056-2/+766
| | | | | | The SHA-1 and MD5 digests here are used for checksums in legacy protocols. We don't use them in cryptographic contexts at all. These particular algorithms would be poor choices for that.
* Remove the unused err() function and friendsStef Walter2013-02-052-187/+0
| | | | | We want to use p11_message in our commands anyway, since that allows us control with --verbose and --quiet.
* Tweak style of the manualStef Walter2013-02-054-7/+27
| | | | | | | * Unindent the main headings * Don't wrap options * Better spacing in table of contents * Don't have line numbers on code examples
* Add documentation about contributing to p11-kitStef Walter2013-02-056-83/+241
|
* Add a p11-kit tool manual pageStef Walter2013-02-055-35/+130
|
* Change the documentation configure arg to --enable-docStef Walter2013-02-052-19/+24
| | | | * We're building more than just the gtk-doc reference
* Add a /usr/share/p11-kit/modules directory for package module configsStef Walter2013-02-0510-12/+31
| | | | | | * Try to make /etc/pkcs11/modules for administrator use * Override the old pkg-config variables to help packages start using the new location
* Make the p11-kit tool have distinct commandsStef Walter2013-02-054-42/+459
| | | | | | * Change the -l argument into the list-modules command. * Add proper functions for printing usage * Support for external commands in the path or /usr/share/p11-kit
* Add p11_kit_be_loud() function for use in tests and toolsStef Walter2013-02-053-0/+17
| | | | This does the opposite of p11_kit_be_quiet().
* Add internal function for turning on messagesStef Walter2013-02-052-0/+10
| | | | To be used from tests
* Add more mock-module implementationStef Walter2013-02-049-1243/+3835
| | | | | * Move mock code into the common/ directory to be used by multiple components of p11-kit
* Further tweaks and cleanup for functions dealing with PKCS#11 attributesStef Walter2013-02-043-70/+910
| | | | | | | | * Check that the size is correct when looking for a boolean or a ulong. * Make sure that the length is not the invalid negative ulong. * Functions for dumping out attribute contents * Make it possible to use attributes in hash tables
generated by cgit v1.1 at 2024-12-27 21:26:40 +0000