Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Implemented support for raw public-key functionality (RFC7250). | Tom Vrancken | 2018-12-15 | 1 | -1/+1 |
| | | | | Signed-off-by: Tom Vrancken <dev@tomvrancken.nl> | ||||
* | pkcs11_override_cert_exts: do not use CKA_X_DISTRUSTED flag when retrieving | Nikos Mavrogiannopoulos | 2017-05-10 | 1 | -7/+2 |
| | | | | | | | | This flag was introduced in order for reducing the number of duplicate stapled extensions returned by p11-kit. Unfortunately that fix was bogus and in fact it resulted to p11-kit not returning any stapled extensions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | pkcs11: forbid PKCS#11 extensions to be used in other than trust modules | Nikos Mavrogiannopoulos | 2016-09-27 | 1 | -0/+5 |
| | | | | | | That is, only use the CKA_X_DISTRUSTED and the extension override in p11-kit trust modules, to avoid conflicts with potentially other PKCS#11 extensions. | ||||
* | pkcs11: only staple extensions from a trust module when they are from a ↵ | Nikos Mavrogiannopoulos | 2016-09-26 | 1 | -4/+12 |
| | | | | | | | | | | non-distrusted certificate That is, make sure that the API for stapling extensions is only used for non-distrusted (blacklisted) certificates. The reason is to avoid duplicate extension entries from the p11-kit trust database. These come from blacklisted certificates, and we have no reason to support stapled extensions with blacklisted certificates. | ||||
* | several spacing fixes to keep syntax-check happy | Nikos Mavrogiannopoulos | 2016-09-11 | 1 | -7/+7 |
| | |||||
* | pkcs11: find_ext_cb: eliminated memory leak | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -0/+1 |
| | |||||
* | gnutls_pkcs11_obj_get_exts: updated documentation | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -3/+6 |
| | |||||
* | Removed the 'gnutls_' prefix from files to simplify file naming | Nikos Mavrogiannopoulos | 2015-08-23 | 1 | -3/+3 |
| | |||||
* | Added GNUTLS_PKCS11_TOKEN_MODNAME for gnutls_pkcs11_token_get_info | Nikos Mavrogiannopoulos | 2015-07-10 | 1 | -3/+3 |
| | | | | That allows to obtain the shared module name of a token URL. | ||||
* | doc: avoid using structure for opaque types | Nikos Mavrogiannopoulos | 2015-03-20 | 1 | -1/+1 |
| | |||||
* | pkcs11: eliminated the need for struct token_info | Nikos Mavrogiannopoulos | 2014-11-06 | 1 | -3/+3 |
| | |||||
* | simulate pkcs11x.h when it doesn't exist | Nikos Mavrogiannopoulos | 2014-09-13 | 1 | -5/+1 |
| | |||||
* | added missing file | Nikos Mavrogiannopoulos | 2014-09-12 | 1 | -0/+299 |