| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Refactor how parsing of ASN.1 data and certificate extensions work | Stef Walter | 2013-02-05 | 1 | -12/+19 |
| | | |||||
| * | Fill in certificate authority and trust data correctly | Stef Walter | 2013-02-05 | 1 | -32/+42 |
| | | | | | | | | | | | | | * Fill in CKA_CERTIFICATE_CATEGORY properly for authorities based on the presence of BasicConstraints and/or v1 certificates * Fill in CKA_TRUSTED and CKA_X_DISTRUSTED based on whether the parser is running for anchors or blacklist * In addition support the concept of blacklisted certificates mixed in with the anchors (without any purposes) since that's what exists in the real world. * We do this after the various hooks have had a chance to mess with the certificate extensions and such. | ||||
| * | Implement stapled certificate extensions internally | Stef Walter | 2013-02-05 | 1 | -0/+284 |
| * Use stapled certificate extensions to represent loaded trust policy * Build NSS trust objects from stapled certificate extensions * Add further attribute debugging for NSS trust objects * Use a custom certificate extension for the OpenSSL reject purpose data * Use SubjectKeyIdentifier for OpenSSL keyid data * Use ExtendedKeyUsage for OpenSSL trust purpose data * Implement simple way to handle binary DER OIDs, using the DER TLV length. DER OIDs are used in the CKA_OBJECT_ID value, and elsewhere. * Split out the building of NSS trust objects from the main parser | |||||
 |
index : p11-kit.git | |
| Clone of https://github.com/p11-glue/p11-kit |
| summaryrefslogtreecommitdiff |