summaryrefslogtreecommitdiff
path: root/lib/libcrypto
AgeCommit message (Collapse)Author
2017-01-03Add a small bit of belt and suspenders around ERR_V_OK with X509_STORE_ctxBob Beck
and X509_verify_cert - We at least make it so an an init'ed ctx is not "valid" until X509_verify_cert has actually been called, And we make it impossible to return success without having the error set to ERR_V_OK. ok jsing@
2017-01-03bring in boring's internal check_trust function to fix a bug introducedBob Beck
when we went to alternate cert chains. this correctly does not clobber the ctx->error when using an alt chain. ok jsing@
2017-01-01Various work on cert.pem, ok bcook@Stuart Henderson
- print/sort using the full certificate subject rather than a pretty-printed subset (as done in the current version of format-pem.pl); previously this was resulting in a problem where a CN conflict resulted in the GlobalSign R2 CA accidentally getting dropped in r1.10; problem found by Steven McDonald - remove CA certificates that are no longer present in the CA store of the release branch of Mozilla - possible now that libressl has support for alternate chains (libcrypto/x509/x509_vfy.c r1.52) - add new CA certificates from Mozilla's store from those organisations which we already list
2016-12-30Place ASN_ITEM_{ptr,rptr,ref} and DECLARE_ASN1_ITEM under #ifndefJoel Sing
LIBRESSL_INTERNAL.
2016-12-30Expand ASN1_ITEM_rptr macros - no change in preprocessor output.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr and ASN1_ITEM_ptr macros - no change in generatedJoel Sing
assembly.
2016-12-30Expand ASN1_ITEM_ref and ASN1_ITEM_ptr macros - no change in generatedJoel Sing
assembly. Of particular interest is ASN1_ITEM_ptr which does nothing and resulted in code like: if (method->it) ASN1_ITEM_free(..., ASN1_ITEM_ptr(method->it));
2016-12-30Expand ASN1_ITEM_rptr macros - no change in generated assembly.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr macros - no change in generated assembly.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr macros - no change in generated assembly.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr macros - no change in generated assembly.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr macro - no change in generated assembly.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr macro - no change in generated assembly.Joel Sing
2016-12-30Expand ASN1_ITEM_rptr macros - no change in generated assembly.Joel Sing
2016-12-30Place M_PKCS12_* compatibility macros under #ifndef LIBRESSL_INTERNAL.Joel Sing
2016-12-30Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.Joel Sing
2016-12-29Write d2i_ASN1_NULL(3) manual page from scratch.Ingo Schwarze
Both functions are listed in <openssl/asn1.h> and in OpenSSL doc/man3/d2i_X509.pod. After reading the code, i'm not amused. You wouldn't think that it might take eight stack levels to decode a constant sixteen bit value that does not even allow a single content octet, or would you? Nota bene, this is an average of four stack levels for each non-zero bit decoded... :-(
2016-12-28Write documentation for <openssl/x509v3.h> DER decoding andIngo Schwarze
encoding functions from scratch. All 46 functions are listed in OpenSSL doc/man3/d2i_X509.pod.
2016-12-28add missing .Vt macrosIngo Schwarze
2016-12-28standard section name;Jason McIntyre
2016-12-28Rewrite and add d2i_X509_REQ_INFO(3) and i2d_X509_REQ_INFO(3),Ingo Schwarze
both listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod.
2016-12-28Rewrite and add d2i_X509_CRL_INFO(3), i2d_X509_CRL_INFO(3),Ingo Schwarze
d2i_X509_REVOKED(3), and i2d_X509_CRL_INFO(3), all listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod.
2016-12-28Use the same parameter names as in ASN1_item_d2i(3).Ingo Schwarze
Use simpler standard wordings. Add X.509 references.
2016-12-28rewrite in the standard wayIngo Schwarze
2016-12-28Minor cleanup:Ingo Schwarze
Improve the one-line description. Use the standard wordings in some places. Complete the RETURN VALUES section.
2016-12-28Write new manual pages d2i_X509_ATTRIBUTE(3) and d2i_X509_EXTENSION(3)Ingo Schwarze
from scratch. All six functions are listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod.
2016-12-28In contrast to OpenSSL, do not attempt to document the worldIngo Schwarze
in this page - but do include documentation for immediate subobjects that are used nowhere else. All six functions listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod.
2016-12-28Basic cleanup:Ingo Schwarze
Improve .Nd. Sort functions. Use the same parameter names as in ASN1_item_d2i(3). Point to ASN1_item_d2i(3) for all he details. Delete all the information that's now in ASN1_item_d2i(3). Add missing entries to the RETURN VALUES section. Add STANDARDS section.
2016-12-28Full rewrite.Ingo Schwarze
Also document d2i_PKCS8_bio(3), i2d_PKCS8_bio(3), d2i_PKCS8_fp(3), and i2d_PKCS8_fp(3) while here, listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod. No, these functions have nothing to do with the many other d2i_PKCS8*(3) functions all around, and nothing with PKCS#8 at all in the first place. Read the BUGS section. I couldn't make this stuff up.
2016-12-28Add a dire warning to not confuse i2d_PKCS8PrivateKey_bio(3)Ingo Schwarze
with i2d_PKCS8PrivateKeyInfo_bio(3). While here, polish the cross references.
2016-12-28Document i2d_PKCS8PrivateKeyInfo_bio(3) and i2d_PKCS8PrivateKeyInfo_fp(3),Ingo Schwarze
listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod. These functions are very similar to i2d_PrivateKey(3) but very different from i2d_PKCS8PrivateKey_bio(3), that's why they go into this manual page and not into the other one. When the naming was decided, somebody clearly considered too briefly or too long.
2016-12-28Write new manual page d2i_PKCS8_PRIV_KEY_INFO(3) from scratch.Ingo Schwarze
These six function are listed in <openssl/x509.h> and in OpenSSL doc/man3/d2i_X509.pod.
2016-12-27Write new manual pages d2i_OCSP_REQUEST(3) and d2i_OCSP_RESPONSE(3)Ingo Schwarze
from scratch. All these functions are listed in <openssl/ocsp.h> and in OpenSSL doc/man3/d2i_X509.pod.
2016-12-27New manual pages d2i_ESS_SIGNING_CERT(3) and d2i_TS_REQ(3) writtenIngo Schwarze
from scratch. All functions listed in <openssl/ts.h> and in OpenSSL doc/man3/s2i_X509.pod.
2016-12-27Place the DECLARE_ASN1_* macros under #ifndef LIBRESSL_INTERNAL.Joel Sing
2016-12-27Use correct version of previous macro expansion.Joel Sing
2016-12-27Expand DECLARE_ASN1_FUNCTIONS_{fname,name} macros - no change toJoel Sing
preprocessor output, excluding line numbers and newlines.
2016-12-27Expand DECLARE_ASN1_{NDEF,PRINT}_FUNCTION macros - no change inJoel Sing
preprocesssor output.
2016-12-27Remove all DECLARE_ASN1_SET_OF macro usage - since 2000 these have beenJoel Sing
nothing but markers for utils/mkstack.pl... and we removed the code that generated more macros from these markers in 2014.
2016-12-27Place some macros under #ifndef LIBRESSL_INTERNAL.Joel Sing
2016-12-27Kill some #if 0 code that uses old-style ASN.1 encoding.Joel Sing
2016-12-27Expand DECLARE_ASN1_ITEM macros - no change in preprocessor output.Joel Sing
2016-12-27Expand DECLARE_ASN1_ITEM - no change to preprocessor output.Joel Sing
2016-12-27Expand DECLARE_ASN1_ITEM macros - no change to preprocessor output.Joel Sing
2016-12-27Expand DECLARE_ASN1_ITEM macros - no change in preprocessor output.Joel Sing
2016-12-27remove a stray comment line that might cause confusionIngo Schwarze
2016-12-27Expand DECLARE_ASN1_* macros. No change in preprocessor output, excludingJoel Sing
line numbering and new lines.
2016-12-27minor fixes;Jason McIntyre
2016-12-26Typo, "more then" -> "more than"Jeremie Courreges-Anglas
2016-12-26also document the weird i2d_PKCS7_NDEF(3)Ingo Schwarze
listed in <openssl/pkcs7.h> and OpenSSL doc/man3/d2i_X509.pod
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-23 02:43:59 +0000