summaryrefslogtreecommitdiff
path: root/usr.sbin/rpki-client/x509.c
AgeCommit message (Expand)Author
2024-12-03Add more checks for router keysJob Snijders
2024-10-16rpki-client: sprinkle some constTheo Buehler
2024-10-07Add comment accidentally omitted on commitTheo Buehler
2024-10-07rpki-client: fix seqnum upper boundTheo Buehler
2024-09-12Reintroduce check that CRL Number is in rangeTheo Buehler
2024-07-08x509_pubkey_get_ski() should support non-rsa keysTheo Buehler
2024-06-10rpki-client: allow multiple EKU OIDs for BGPsec certsTheo Buehler
2024-06-10rpki-client: fix and move more KU/EKU to x509_get_purpose()Theo Buehler
2024-06-08Add a TODO item for BGPsec router certsTheo Buehler
2024-06-08Improve x509_get_purpose()Theo Buehler
2024-06-08Add a x509_cache_extensions() helperTheo Buehler
2024-06-07Add two related todo items for purpose handlingTheo Buehler
2024-06-04rpki-client: rework AIA, SIA, and CRL handlingTheo Buehler
2024-06-04rpki-client: remove proto argument from x509_location()Theo Buehler
2024-06-03Rework SIA handling to be less incorrectTheo Buehler
2024-05-31Document a weird decision in RFC 8209Theo Buehler
2024-05-31rpki-client: check issuer for certs and CRLsTheo Buehler
2024-05-29rpki-client: rework CRL handlingTheo Buehler
2024-04-21Mandate presence of CMS signing-time and disallow binary-signing-timeJob Snijders
2024-04-03Fix warning about DistributionPointName typeTheo Buehler
2024-03-24Clamp the manifestNumber to 20 octets valueTheo Buehler
2024-03-22Replace protocol literal strings and strlen() calls with defined constantsJob Snijders
2024-03-20Check whether filename and SIA matchJob Snijders
2024-03-19Rename parent to issuer in struct authTheo Buehler
2024-02-22Add support for RPKI Signed Prefix ListsJob Snijders
2024-02-16Factor SKI calculation into a helperTheo Buehler
2024-02-14rpki-client: simplify x509_get_ski()Theo Buehler
2024-02-13Improve a comment about what exactly the SKI isJob Snijders
2024-02-01Normalize the nid printingTheo Buehler
2024-01-31Make the error a bit easier to readJob Snijders
2023-11-16Add a helper to extrct the CRL Number from a crlTheo Buehler
2023-09-12Ensure the X.509 Subject only contains commonName and optionally serialNumberJob Snijders
2023-06-23Use consistent idiom for X509_get_ext_d2i()Theo Buehler
2023-06-20Be explicit when SIA is without rsync accessLocationJob Snijders
2023-05-22Convert x509_get_time() to ASN1_TIME_to_tm()Theo Buehler
2023-03-14rpki-client: disallow AIA in self-signed certsTheo Buehler
2023-03-12Refactor expiration calculationJob Snijders
2023-03-10mechanical change, rename struct members to match the original X509 namesJob Snijders
2023-03-10Show the X.509 notBefore in filemodeJob Snijders
2023-03-06Enforce X509v3 SKIs to be the SHA-1 hash of the Subject Public KeyJob Snijders
2023-02-16Revert r1.63.Theo Buehler
2023-02-16Add missing RFC 6487 section 4.8.6 CRLDP compliance checksJob Snijders
2023-02-09Use GEN_OTHERNAME instead of hardcoding 0Theo Buehler
2022-11-30Remove unused sys/socket.h includeJob Snijders
2022-11-29Only include stdarg.h, if we call any of va_{start,end}()Job Snijders
2022-11-29Only include assert.h if we call assert()Job Snijders
2022-11-26Add support for authenticating geofeed data CSV files in filemodeJob Snijders
2022-11-07Confirm Path Length is absent in the Basic Constraints extensionJob Snijders
2022-11-06Next to signedObject only allow rpkiNotify accessMethodsTheo Buehler
2022-11-04Do not fail on non-rsync URIs in EE cert SIA extensionsTheo Buehler