Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Move http_request to certtools | Magnus Ahltorp | 2015-03-03 | 2 | -25/+28 |
| | |||||
* | Move to external signing | Magnus Ahltorp | 2015-03-02 | 5 | -5/+53 |
| | |||||
* | Make sign and ht optional processes. Move sign args to config. | Magnus Ahltorp | 2015-03-01 | 1 | -0/+3 |
| | |||||
* | Move test nodes list to variables | Magnus Ahltorp | 2015-02-28 | 1 | -4/+7 |
| | |||||
* | Improve tests-start and tests-stop | Magnus Ahltorp | 2015-02-27 | 2 | -6/+38 |
| | |||||
* | Updating documentation to reflect authentication changes | Magnus Ahltorp | 2015-02-27 | 1 | -1/+7 |
| | |||||
* | Require authentication for merge calls | Magnus Ahltorp | 2015-02-27 | 4 | -17/+39 |
| | |||||
* | Added authentication between frontend and storage nodes | Magnus Ahltorp | 2015-02-27 | 10 | -6/+86 |
| | |||||
* | Add some debugging help to README. | Linus Nordberg | 2015-02-27 | 1 | -0/+6 |
| | |||||
* | Make merge.sh actually work. | Linus Nordberg | 2015-02-27 | 1 | -6/+10 |
| | |||||
* | Remove mergedb before starting merge. | Linus Nordberg | 2015-02-27 | 1 | -0/+1 |
| | | | | | | How bad is this idea if you ever want to restart merge without starting the log from scratch? As long as the storage node doesn't lose its data, I guess it's ok. | ||||
* | chmod +x merge.sh | Linus Nordberg | 2015-02-27 | 2 | -1/+1 |
| | | | | Also fix path in README. | ||||
* | Added instructions for minimal system setup | Magnus Ahltorp | 2015-02-27 | 1 | -0/+83 |
| | |||||
* | verifysct.py: Fetch fresh STH instead of using old | Magnus Ahltorp | 2015-02-27 | 1 | -3/+8 |
| | |||||
* | Add saving and verification of SCT to python tools | Magnus Ahltorp | 2015-02-27 | 2 | -19/+144 |
| | |||||
* | Add consistency proof checking to testcase1 | Magnus Ahltorp | 2015-02-27 | 3 | -3/+28 |
| | | | | Fix consistency proof checking when first size is power of 2 | ||||
* | Added tool for drawing merkle trees and extracting node hashes | Magnus Ahltorp | 2015-02-27 | 1 | -0/+123 |
| | |||||
* | Update README and finish merge.sh in the minimal docker example.extmerge | Linus Nordberg | 2015-02-27 | 2 | -5/+20 |
| | |||||
* | Fix a bug where verification of EC signatures made us crash. | Linus Nordberg | 2015-02-27 | 1 | -33/+40 |
| | | | | | Also, have valid_chain_p return boolean, add some debug logging and detect invalid signature types instead of crashing. | ||||
* | Don't start erl with `-name'. | Linus Nordberg | 2015-02-27 | 1 | -2/+2 |
| | | | | That's for distributed nodes and we don't do that. | ||||
* | Verify that known roots are indeed signing themselves. | Linus Nordberg | 2015-02-27 | 12 | -236/+382 |
| | | | | | | | This filters out certificates with signing algorithms that we can't handle. Also, make unit tests better. | ||||
* | Even more debug logging. | Linus Nordberg | 2015-02-25 | 1 | -0/+3 |
| | |||||
* | Add debug logging. | Linus Nordberg | 2015-02-25 | 1 | -0/+5 |
| | | | | Trying to figure out why public_key:verify isn't found in docker images. | ||||
* | Don't dump rejected certs to disk. | Linus Nordberg | 2015-02-25 | 1 | -1/+0 |
| | | | | This code is untested, don't use it for now. | ||||
* | Extend 'modules' and 'applications' in application resource file. | Linus Nordberg | 2015-02-25 | 1 | -2/+2 |
| | | | | | This might fix a weird error function_clause crash in ct/v1/add-chain. 'applications' might still not be complete. | ||||
* | Add packaging and examples. | Linus Nordberg | 2015-02-24 | 473 | -0/+12211 |
| | |||||
* | testcase1: Actually verify inclusion proof | Magnus Ahltorp | 2015-02-20 | 2 | -4/+33 |
| | |||||
* | Move public keys to separate file | Magnus Ahltorp | 2015-02-20 | 2 | -14/+15 |
| | |||||
* | Added verification of consistency proofs | Magnus Ahltorp | 2015-02-20 | 2 | -0/+95 |
| | |||||
* | Added hackney dependency text in README.md | Magnus Ahltorp | 2015-02-20 | 1 | -0/+5 |
| | |||||
* | Add fetching all certs to the list of tests | Magnus Ahltorp | 2015-02-20 | 1 | -3/+4 |
| | |||||
* | Implement function to fetch consistency proof | Magnus Ahltorp | 2015-02-20 | 1 | -9/+99 |
| | | | | | Implement function to calculate tree head from disk Implement function to calculate an intermediate node from disk | ||||
* | fetchallcerts.py: handle precerts | Magnus Ahltorp | 2015-02-20 | 3 | -37/+249 |
| | | | | | | | submitcert.py: handle .zip files fetchallcerts.py: Always calculate full tree fetchallcerts.py: Cache level 16 hashes fetchallcerts.py: Save STH | ||||
* | fetchallcerts.py: Store certificates. | Magnus Ahltorp | 2015-02-20 | 1 | -25/+30 |
| | |||||
* | Wait after first submission. Continue on http error 400. Print submission ↵ | Magnus Ahltorp | 2015-02-20 | 2 | -7/+36 |
| | | | | rate and number of submissions every 1000 submissions. | ||||
* | merge.py: Only ask node that actually has the entry. | Magnus Ahltorp | 2015-02-20 | 1 | -21/+70 |
| | | | | | Fetch multiple entries from storage node. Chunk sendlog. | ||||
* | Log time spent serving a request | Magnus Ahltorp | 2015-02-20 | 1 | -0/+3 |
| | |||||
* | Make mochiweb pool size configurable | Magnus Ahltorp | 2015-02-20 | 1 | -0/+1 |
| | |||||
* | Added hackney application | Magnus Ahltorp | 2015-02-20 | 2 | -1/+3 |
| | |||||
* | Move hardcoded merge parameters to command line | Magnus Ahltorp | 2015-02-20 | 3 | -33/+49 |
| | |||||
* | merge.py: add call to storage/getentry since fetchnewentries no longer gives ↵ | Magnus Ahltorp | 2015-02-20 | 1 | -2/+18 |
| | | | | us the actual entry | ||||
* | Remove references to jiffy | Magnus Ahltorp | 2015-02-20 | 1 | -1/+0 |
| | |||||
* | Use log level 'warning' for tests. | Linus Nordberg | 2015-02-20 | 1 | -1/+1 |
| | | | | Debug is so messy. | ||||
* | Stop validating that cert.issuer matches issuer.subject. | Linus Nordberg | 2015-02-20 | 1 | -46/+27 |
| | | | | | | | | | | Even canoncalized versions of this data mismatch in otherwise proper chains. Since we're not here to validate chains for any other reasons than attribution and spam control, let's stop validate cert.issuer==candidate.subject. We still verify the cryptographic chain with signatures of tbsCertificates of course. Resolves CATLFISH-19. | ||||
* | Make unit tests work again. | Linus Nordberg | 2015-02-19 | 8 | -29/+52 |
| | | | | Makefile target 'check' runs them. | ||||
* | Have README reflect the current state of logging a bit better. | Linus Nordberg | 2014-11-21 | 1 | -7/+5 |
| | |||||
* | We don't use jiffy any more. | Linus Nordberg | 2014-11-20 | 1 | -2/+1 |
| | |||||
* | Catch ctrl-c more correctly. Catch SystemExit from add_chain and exit in ↵ | Magnus Ahltorp | 2014-11-18 | 1 | -8/+22 |
| | | | | main process instead | ||||
* | Verify certificates by decoding them as 'plain' certs rather than 'otp. | Linus Nordberg | 2014-11-18 | 2 | -67/+201 |
| | | | | | | | OTP cert validation is too strict. Let's see if this is forgiving enough for our needs. Also, move all cert reading from disk to x509.erl. | ||||
* | Entry hash runs over leaf plus chain. | Linus Nordberg | 2014-11-18 | 1 | -2/+2 |
| | | | | Closes CATLFISH-5. |