| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
* Use stapled certificate extensions to represent loaded trust policy
* Build NSS trust objects from stapled certificate extensions
* Add further attribute debugging for NSS trust objects
* Use a custom certificate extension for the OpenSSL reject purpose data
* Use SubjectKeyIdentifier for OpenSSL keyid data
* Use ExtendedKeyUsage for OpenSSL trust purpose data
* Implement simple way to handle binary DER OIDs, using the DER TLV
length. DER OIDs are used in the CKA_OBJECT_ID value, and elsewhere.
* Split out the building of NSS trust objects from the main parser
|
|
|
|
|
|
| |
This is based off the roots-store from gnome-keyring and loads
certificates from a root directory and exposes them as PKCS#11
objects.
|
|
|
|
|
| |
We want to use p11_message in our commands anyway, since that
allows us control with --verbose and --quiet.
|
|
|
|
|
|
| |
It was getting really wild knowing whether a function returning
an int would return -1 on failure or 0 or whether the int return
value was actually a number etc..
|
|
|
|
|
|
|
|
|
|
|
| |
Start using p11_ as our internal prefix rather than _p11_. We explicitly
export p11_kit_ so this is fine as far as visibility.
Move the threading, mutex, and module compat, dict, and array code
into the common directory too.
Take this opportunity to clean up a bit of internal API as well,
since so many lines are being touched internally.
|
|
|
|
|
|
|
| |
* Conditional inclusion of the errno.h header
* Link librt when appropriate for nanosleep
https://bugs.freedesktop.org/show_bug.cgi?id=52261
|
|
|
|
|
| |
* Add macros GNUC_PRINTF and GNUC_NULL_TERMINATED to check
correct printf and NULL terminated style varargs
|
|
|
|
| |
* And use them in our replacement err() and p11_kit_set_progname()
|
|
* And the compat stuff in the p11-kit directory merged
into util.c and util.h
|