1. 27 Jun, 2015 1 commit
    • Manuel Pégourié-Gonnard's avatar
      Fix X.509 keysize check with multiple CAs · fa67ebae
      Manuel Pégourié-Gonnard authored
      Assume we have two trusted CAs with the same name, the first uses ECDSA 256
      bits, the second RSA 2048; cert is signed by the second. If we do the keysize
      check before we checked the key types match, we'll raise the badkey flags when
      checking the EC-256 CA and it will remain up even when we finally find the
      correct CA. So, move the check for the key size after signature verification,
      which implicitly checks the key type.
      fa67ebae
  2. 23 Jun, 2015 4 commits
  3. 22 Jun, 2015 2 commits
  4. 18 Jun, 2015 1 commit
  5. 17 Jun, 2015 5 commits
  6. 02 Jun, 2015 1 commit
  7. 28 May, 2015 1 commit
  8. 27 May, 2015 2 commits
  9. 26 May, 2015 1 commit
  10. 13 May, 2015 1 commit
    • Nicholas Wilson's avatar
      fix minor bug in path_cnt checks · bc07c3a1
      Nicholas Wilson authored
      If the top certificate occurs twice in trust_ca (for example) it would
      not be good for the second instance to be checked with check_path_cnt
      reduced twice!
      bc07c3a1
  11. 12 May, 2015 2 commits
  12. 11 May, 2015 1 commit
  13. 30 Apr, 2015 1 commit
  14. 29 Apr, 2015 1 commit
  15. 20 Apr, 2015 2 commits
  16. 17 Apr, 2015 1 commit
  17. 09 Apr, 2015 1 commit
  18. 08 Apr, 2015 1 commit
  19. 27 Mar, 2015 3 commits
  20. 25 Mar, 2015 1 commit
  21. 19 Mar, 2015 1 commit
  22. 10 Mar, 2015 1 commit
  23. 06 Mar, 2015 1 commit
  24. 16 Feb, 2015 2 commits
  25. 15 Feb, 2015 2 commits