summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Move http_request to certtoolsMagnus Ahltorp2015-03-032-25/+28
|
* Move to external signingMagnus Ahltorp2015-03-025-5/+53
|
* Make sign and ht optional processes. Move sign args to config.Magnus Ahltorp2015-03-011-0/+3
|
* Move test nodes list to variablesMagnus Ahltorp2015-02-281-4/+7
|
* Improve tests-start and tests-stopMagnus Ahltorp2015-02-272-6/+38
|
* Updating documentation to reflect authentication changesMagnus Ahltorp2015-02-271-1/+7
|
* Require authentication for merge callsMagnus Ahltorp2015-02-274-17/+39
|
* Added authentication between frontend and storage nodesMagnus Ahltorp2015-02-2710-6/+86
|
* Add some debugging help to README.Linus Nordberg2015-02-271-0/+6
|
* Make merge.sh actually work.Linus Nordberg2015-02-271-6/+10
|
* Remove mergedb before starting merge.Linus Nordberg2015-02-271-0/+1
| | | | | | How bad is this idea if you ever want to restart merge without starting the log from scratch? As long as the storage node doesn't lose its data, I guess it's ok.
* chmod +x merge.shLinus Nordberg2015-02-272-1/+1
| | | | Also fix path in README.
* Added instructions for minimal system setupMagnus Ahltorp2015-02-271-0/+83
|
* verifysct.py: Fetch fresh STH instead of using oldMagnus Ahltorp2015-02-271-3/+8
|
* Add saving and verification of SCT to python toolsMagnus Ahltorp2015-02-272-19/+144
|
* Add consistency proof checking to testcase1Magnus Ahltorp2015-02-273-3/+28
| | | | Fix consistency proof checking when first size is power of 2
* Added tool for drawing merkle trees and extracting node hashesMagnus Ahltorp2015-02-271-0/+123
|
* Update README and finish merge.sh in the minimal docker example.extmergeLinus Nordberg2015-02-272-5/+20
|
* Fix a bug where verification of EC signatures made us crash.Linus Nordberg2015-02-271-33/+40
| | | | | Also, have valid_chain_p return boolean, add some debug logging and detect invalid signature types instead of crashing.
* Don't start erl with `-name'.Linus Nordberg2015-02-271-2/+2
| | | | That's for distributed nodes and we don't do that.
* Verify that known roots are indeed signing themselves.Linus Nordberg2015-02-2712-236/+382
| | | | | | | This filters out certificates with signing algorithms that we can't handle. Also, make unit tests better.
* Even more debug logging.Linus Nordberg2015-02-251-0/+3
|
* Add debug logging.Linus Nordberg2015-02-251-0/+5
| | | | Trying to figure out why public_key:verify isn't found in docker images.
* Don't dump rejected certs to disk.Linus Nordberg2015-02-251-1/+0
| | | | This code is untested, don't use it for now.
* Extend 'modules' and 'applications' in application resource file.Linus Nordberg2015-02-251-2/+2
| | | | | This might fix a weird error function_clause crash in ct/v1/add-chain. 'applications' might still not be complete.
* Add packaging and examples.Linus Nordberg2015-02-24473-0/+12211
|
* testcase1: Actually verify inclusion proofMagnus Ahltorp2015-02-202-4/+33
|
* Move public keys to separate fileMagnus Ahltorp2015-02-202-14/+15
|
* Added verification of consistency proofsMagnus Ahltorp2015-02-202-0/+95
|
* Added hackney dependency text in README.mdMagnus Ahltorp2015-02-201-0/+5
|
* Add fetching all certs to the list of testsMagnus Ahltorp2015-02-201-3/+4
|
* Implement function to fetch consistency proofMagnus Ahltorp2015-02-201-9/+99
| | | | | Implement function to calculate tree head from disk Implement function to calculate an intermediate node from disk
* fetchallcerts.py: handle precertsMagnus Ahltorp2015-02-203-37/+249
| | | | | | | submitcert.py: handle .zip files fetchallcerts.py: Always calculate full tree fetchallcerts.py: Cache level 16 hashes fetchallcerts.py: Save STH
* fetchallcerts.py: Store certificates.Magnus Ahltorp2015-02-201-25/+30
|
* Wait after first submission. Continue on http error 400. Print submission ↵Magnus Ahltorp2015-02-202-7/+36
| | | | rate and number of submissions every 1000 submissions.
* merge.py: Only ask node that actually has the entry.Magnus Ahltorp2015-02-201-21/+70
| | | | | Fetch multiple entries from storage node. Chunk sendlog.
* Log time spent serving a requestMagnus Ahltorp2015-02-201-0/+3
|
* Make mochiweb pool size configurableMagnus Ahltorp2015-02-201-0/+1
|
* Added hackney applicationMagnus Ahltorp2015-02-202-1/+3
|
* Move hardcoded merge parameters to command lineMagnus Ahltorp2015-02-203-33/+49
|
* merge.py: add call to storage/getentry since fetchnewentries no longer gives ↵Magnus Ahltorp2015-02-201-2/+18
| | | | us the actual entry
* Remove references to jiffyMagnus Ahltorp2015-02-201-1/+0
|
* Use log level 'warning' for tests.Linus Nordberg2015-02-201-1/+1
| | | | Debug is so messy.
* Stop validating that cert.issuer matches issuer.subject.Linus Nordberg2015-02-201-46/+27
| | | | | | | | | | Even canoncalized versions of this data mismatch in otherwise proper chains. Since we're not here to validate chains for any other reasons than attribution and spam control, let's stop validate cert.issuer==candidate.subject. We still verify the cryptographic chain with signatures of tbsCertificates of course. Resolves CATLFISH-19.
* Make unit tests work again.Linus Nordberg2015-02-198-29/+52
| | | | Makefile target 'check' runs them.
* Have README reflect the current state of logging a bit better.Linus Nordberg2014-11-211-7/+5
|
* We don't use jiffy any more.Linus Nordberg2014-11-201-2/+1
|
* Catch ctrl-c more correctly. Catch SystemExit from add_chain and exit in ↵Magnus Ahltorp2014-11-181-8/+22
| | | | main process instead
* Verify certificates by decoding them as 'plain' certs rather than 'otp.Linus Nordberg2014-11-182-67/+201
| | | | | | | OTP cert validation is too strict. Let's see if this is forgiving enough for our needs. Also, move all cert reading from disk to x509.erl.
* Entry hash runs over leaf plus chain.Linus Nordberg2014-11-181-2/+2
| | | | Closes CATLFISH-5.