summaryrefslogtreecommitdiff
path: root/trust/x509.c
Commit message (Collapse)AuthorAgeFilesLines
* trust: Certificate CKA_ID is SubjectKeyIdentifier if possibleStef Walter2014-10-091-5/+27
| | | | | | | | | | | | | | | | | | | | | | The PKCS#11 spec states that the CKA_ID should match the SubjectKeyIdentifier if such an extension is present. We delay the filling of CKA_ID until the builder phase of populating attributes which allows us to have more control over how this works. Note that we don't make CKA_ID reflect SubjectKeyIdentifier *attached* extensions. The CKA_ID isn't supposed to change after object creation. Making it dependent on attached extensions would be making promises we cannot keep, since attached extensions can be added/removed at any time. This also means the CKA_ID of attached extensions and certificates won't necessarily match up, but that was never promised, and not how attached extensions should be matched to their certificate anyway. Based on a patch and research done by David Woodhouse. https://bugs.freedesktop.org/show_bug.cgi?id=84761
* Always pass size_t varargs to p11_hash_xxx() functionsStef Walter2013-07-181-1/+3
| | | | https://bugzilla.redhat.com/show_bug.cgi?id=985421
* Add support for using freebl3 for SHA1 and MD5 hashingStef Walter2013-07-101-2/+2
| | | | | | Since we don't want to link freebl3 to libp11-kit.so where it isn't needed, move the SHA-1 and MD5 digest functionality to the trust/ directory.
* trust: Add p11_asn1_read() and p11_asn1_free() functionsStef Walter2013-07-041-36/+6
| | | | Some helpers for commonly used ASN.1 related stuff.
* Reorganize various componentsStef Walter2013-06-251-0/+376
* p11-kit library and tool in the p11-kit/ subdirectory * trust module and new trust tool in trust/ subdirectory * No more tools/ subdirectory * Lots less in the common/ subdirectory