summaryrefslogtreecommitdiff
path: root/trust/builder.c
Commit message (Collapse)AuthorAgeFilesLines
* build: Free memory before return{,_val}_if_* macrosDaiki Ueno2018-10-171-1/+4
|
* trust: Avoid array overflowDaiki Ueno2018-05-071-2/+2
|
* Support loading new NSS attribute CKA_NSS_MOZILLA_CA_POLICY from .p11-kit files.Kai Engert2017-02-161-0/+1
| | | | | See also NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=1334976 and p11-kit bug https://bugs.freedesktop.org/show_bug.cgi?id=99453
* Fix typos flagged by codespellDaiki Ueno2016-08-221-1/+1
|
* trust: Certificate CKA_ID is SubjectKeyIdentifier if possibleStef Walter2014-10-091-10/+45
| | | | | | | | | | | | | | | | | | | | | | The PKCS#11 spec states that the CKA_ID should match the SubjectKeyIdentifier if such an extension is present. We delay the filling of CKA_ID until the builder phase of populating attributes which allows us to have more control over how this works. Note that we don't make CKA_ID reflect SubjectKeyIdentifier *attached* extensions. The CKA_ID isn't supposed to change after object creation. Making it dependent on attached extensions would be making promises we cannot keep, since attached extensions can be added/removed at any time. This also means the CKA_ID of attached extensions and certificates won't necessarily match up, but that was never promised, and not how attached extensions should be matched to their certificate anyway. Based on a patch and research done by David Woodhouse. https://bugs.freedesktop.org/show_bug.cgi?id=84761
* trust: Use term 'attached extensions' instead of 'stapled'Stef Walter2014-09-101-2/+2
| | | | | | | The term 'stapled extensions' is confusing because it overloads terminology used with OSCP stapling. Suggested by Daniel Kahn Gillmor.
* common: New public pkcs11x.h header containing extensionsStef Walter2014-09-101-0/+1
| | | | | | | Move our internal stuff to pkcs11i.h, and install the pkcs11x.h header containing extensions. https://bugs.freedesktop.org/show_bug.cgi?id=83495
* common: Change the CKA_X_PUBLIC_KEY_INFO constant to CKA_PUBLIC_KEY_INFOStef Walter2014-09-101-7/+7
| | | | | | | | | CKA_PUBLIC_KEY_INFO is defined in the PKCS#11 2.40 draft, so use that rather than defining our own. * Fixed up by Nikos Mavrogiannopoulos <nmav@redhat.com> https://bugs.freedesktop.org/show_bug.cgi?id=83495
* trust: Produce a proper message for an invalid stapled extensionStef Walter2014-09-051-1/+10
| | | | | | Previously we would output a line like this: p11-kit: 'node != NULL' not true at lookup_extension
* trust: Don't use invalid public keys for looking up stapled extensionsStef Walter2014-08-081-1/+1
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328
* trust: Print label of certificate when complaining about basic constraintsStef Walter2014-08-081-1/+5
| | | | https://bugs.freedesktop.org/show_bug.cgi?id=82328
* Fix various memory leaks exposed by 'make leakcheck'Stef Walter2013-07-231-3/+3
|
* Use simple serial automake test harnessStef Walter2013-07-231-1/+1
| | | | | * Add a testing sanity check to see if we're catching errors * Fix a few other testing issues
* Declare static variables const where it makes senseStef Walter2013-07-181-19/+19
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985337
* Add support for using freebl3 for SHA1 and MD5 hashingStef Walter2013-07-101-8/+8
| | | | | | Since we don't want to link freebl3 to libp11-kit.so where it isn't needed, move the SHA-1 and MD5 digest functionality to the trust/ directory.
* trust: Fix various issues writing objects in trust tokenStef Walter2013-07-081-106/+46
| | | | | | | | * Create directory before trying to write files to it * Handle write failures appropriately Refactor how we build and store objects in the index to handle the above cases properly.
* trust: Port to use CKA_PUBLIC_KEY_INFO and updated trust store specStef Walter2013-07-041-45/+73
| | | | | | | | | | * Use the concepts and PKCS#11 objects described in the recently updated (still work in progress) storing trust spec. * Define our own CKA_X_PUBLIC_KEY_INFO define for now, since the the CKA_PUBLIC_KEY_INFO isn't defined yet. * Most notably, the association between certificates and stapled extensions is by public key. * Rework some of the tests to take into account the above.
* trust: Rename p11_index_batch() to p11_index_load()Stef Walter2013-07-031-2/+2
| | | | | | The name makes it clearer what's going on. This is only used during loading, so we can track whether a change has resulted from the trust module or from the file storage.
* trust: Implement reloading of token dataStef Walter2013-07-031-1/+2
| | | | | | | | | | | | | | | * Reload token data whenever a new session is opened. * Only reload files/directories that have changed. * Move duplicate anchor/blacklist detection logic into the extract code. This is in line with the approach being discussed on the mailing lists and spec document. * New internal attribute CKA_X_ORIGIN set on all objects so we can track where an object came from, and replace it when reloaded. In general this is a prerequisite for modification of objects reload before modify is necessary to prevent multiple callers clobbering each other's changes.
* trust: Implement validation for creating/modifying objectsStef Walter2013-06-261-43/+234
|
* Fix off by one in date parsing codeStef Walter2013-04-041-1/+1
| | | | | We didn't treat the two digit year 00 as a valid year, whereas it actually represents the year 2000. This is in a non-critical code path.
* Don't respect timezones for CKA_START_DATE or CKA_END_DATEStef Walter2013-04-031-20/+80
| | | | | | | | | | | | | The PKCS#11 specification does not note what timezone these dates are in. In addition the time values are not represented in PKCS#11. So don't reinterpret certificate dates, other than filling in the century for dates that have a two digit year. Lastly, these are low resolution optional fields so not being all strict about timezones here is appropriate. https://bugs.freedesktop.org/show_bug.cgi?id=62825
* Separate library init from message codeStef Walter2013-04-031-1/+1
| | | | | | | | | | | Put library init/uninit code its into their own statically linked library so that they don't get linked into the p11-kit executable. Refactor the message code so that the library initialization can plug in its per thread message buffer. https://bugs.freedesktop.org/show_bug.cgi?id=63046
* Use CKA_X_CERTIFICATE_VALUE for trust assertionsStef Walter2013-03-291-5/+10
| | | | | | | These don't contain the CKA_VALUE attribute for certificate data but rather the CKA_X_CERTIFICATE_VALUE attribute. https://bugs.freedesktop.org/show_bug.cgi?id=62896
* Don't try to guess at overflowing time values on 32-bit systemsStef Walter2013-03-281-2/+3
| | | | | | | | | Since CKA_START_DATE and CKA_END_DATE are the only places where we want to parse out times, and these are optional, just leave blank if the time overflows what libc can handle on a 32-bit system. https://bugs.freedesktop.org/show_bug.cgi?id=62825
* Fix memory leaks reported by 'make leakcheck'Stef Walter2013-03-201-0/+2
|
* trust: Rework index to be faster and more usableStef Walter2013-03-201-5/+9
| | | | | | | | | The index now uses a sort of cross between a hash table and a bloom filter internally to select matching items. This is needed for the massive amount of lookups we want to do during loading. In addition make p11_index_find() and p11_index_replace() easier to use.
* hash: Rename file and functions for hashesStef Walter2013-03-201-8/+8
| | | | | We're going to be adding other hashes. Also build as part of a different common library.
* trust: Fix invalid varargs call in the builderStef Walter2013-03-181-1/+1
|
* trust: Handle incorrectly encoded CKA_SERIAL_NUMBER lookupsStef Walter2013-03-181-1/+1
| | | | | | | | Handle lookups for trust objects (by NSS) which expect CKA_SERIAL_NUMBER attributes without appropriate DER encoding. In addition allow creation of NSS trust objects as PKCS#11 session objects, so that we can test this behavior.
* trust: Better generation of nss objects and assertions for serial+issuerStef Walter2013-03-181-116/+151
| | | | | | | In many cases certficates are distrusted by serial+issuer. Make sure this works, and fix various cases where we weren't generating compat NSS objects and compat trust assertions for these types of input.
* Refine looking up of attributes in arraysStef Walter2013-03-181-52/+44
| | | | | | | | There was a class of bugs for looking up invalid or empty attributes in the internal PKCS#11 attribute arrays. * Refine what p11_attrs_find_valid() treats as valid * Rename p11_attrs_is_empty() to p11_attrs_terminator() for clarity
* trust: Use a SHA-1 hash of subjectPublicKeyInfo as CKA_ID by defaultStef Walter2013-03-151-6/+14
| | | | | | | This is what's recommended by the spec, and allows stapled extensions to hang off a predictable CKA_ID. https://bugs.freedesktop.org/show_bug.cgi?id=62329
* trust: Add a builder which builds objects out of parsed dataStef Walter2013-03-151-0/+1556
The builder completes the objects from the parsed data and takes over the responsibilities that the parser and adapter previously shared. This is necessary to prepare for arbitrary data coming from the p11-kit specific input files. https://bugs.freedesktop.org/show_bug.cgi?id=62329