summaryrefslogtreecommitdiff
path: root/src/catlfish.erl
Commit message (Collapse)AuthorAgeFilesLines
* Base64-decode submitted blobs and treat them as leaf certs.Linus Nordberg2015-11-201-17/+12
|
* Accept any kind of submitted data, not only X.509 certificate chains.Linus Nordberg2015-11-201-5/+5
| | | | | | | | Have add_chain() take a blob instead of a cert leaf and a chain. Rename ct/v1/add-chain -> add-blob. Remove ct/v1/add-pre-chain. Remove chain checking code. Generate allowed_client config matching new HTTP API.
* Verify MTL against leaf hash before returning get-entries.Linus Nordberg2015-09-151-3/+4
| | | | Closes CATLFISH-50.
* Wrap entries in plop wrapperMagnus Ahltorp2015-08-191-12/+11
|
* Don't cons an improper list when serialising extra data for a precert.Linus Nordberg2015-08-191-1/+1
|
* Rename extra_data/3 and move it some.Linus Nordberg2015-08-071-14/+14
|
* Return correct extra-data for precerts too (closes CATLFISH-56).Linus Nordberg2015-08-061-57/+60
| | | | Verify precerts in make tests too.
* Implement rate limiting of add_chainMagnus Ahltorp2015-06-121-26/+36
|
* Remove unused temporary variable.Linus Nordberg2015-06-101-9/+7
|
* Add verification of whole entry. Implement library call for plop verification.Magnus Ahltorp2015-06-101-6/+44
|
* Fix CATLFISH-45.Linus Nordberg2015-05-111-6/+4
| | | | https://project.nordu.net/browse/CATLFISH-45
* Dialyzer clean.Linus Nordberg2015-05-061-10/+9
|
* Fix copyright strings.Linus Nordberg2015-04-091-1/+1
|
* Verify that database entry actually contains the certificateMagnus Ahltorp2015-04-071-3/+6
|
* Provide function for calculating entryhash from entryMagnus Ahltorp2015-03-271-0/+25
|
* Add spec's for most functions.Linus Nordberg2015-03-231-10/+1
| | | | NOTE: We're not dialyzer clean yet.
* Formatting; remove debug printouts.Linus Nordberg2015-03-231-16/+4
|
* Add precert handling.Linus Nordberg2015-03-231-61/+165
|
* Cache SCT:sMagnus Ahltorp2015-03-081-12/+31
|
* Verify that known roots are indeed signing themselves.Linus Nordberg2015-02-271-4/+12
| | | | | | | This filters out certificates with signing algorithms that we can't handle. Also, make unit tests better.
* Make unit tests work again.Linus Nordberg2015-02-191-9/+22
| | | | Makefile target 'check' runs them.
* Verify certificates by decoding them as 'plain' certs rather than 'otp.Linus Nordberg2014-11-181-49/+7
| | | | | | | OTP cert validation is too strict. Let's see if this is forgiving enough for our needs. Also, move all cert reading from disk to x509.erl.
* Entry hash runs over leaf plus chain.Linus Nordberg2014-11-181-2/+2
| | | | Closes CATLFISH-5.
* Log some info about certs that don't parse and why.Linus Nordberg2014-11-051-8/+6
| | | | Also move x509 specific code to the x509 module.
* Rewrite root certificate cache handlingMagnus Ahltorp2014-10-261-18/+17
|
* Stop using jiffyMagnus Ahltorp2014-10-251-22/+17
|
* Merge branch 'validate-certchain' into staging1Linus Nordberg2014-10-241-0/+106
|\ | | | | | | | | Conflicts: src/catlfish.erl
| * Implement cert chain validation.Linus Nordberg2014-10-221-0/+106
| | | | | | | | NOTE: Presence of and constraints on names are not being validated.
* | Break include dependency on plop.hrlMagnus Ahltorp2014-10-241-1/+0
|/
* Use proper return value format for plop:inclusion_and_entry().Linus Nordberg2014-10-101-1/+1
|
* Use raw file storageMagnus Ahltorp2014-09-281-1/+1
|
* Fix api problemsMagnus Ahltorp2014-09-271-13/+25
|
* Fix api problemsMagnus Ahltorp2014-09-271-3/+3
|
* wipplop-if-cleanupLinus Nordberg2014-09-271-29/+122
|
* Make cert chains and CtExtensions variable length (TLS) vectors.Linus Nordberg2014-09-251-0/+59
| | | | Also move some CT-specific code to new file catlfish.erl.
* Remove unused stuff.Linus Nordberg2014-06-111-15/+0
|
* Add licensing information.Linus Nordberg2014-06-101-0/+3
|
* Change ctls -> catlfish.Linus Nordberg2014-06-101-0/+12
|
* Rename to ctls.Linus Nordberg2014-05-031-12/+0
|
* add build related notesLinus Nordberg2014-04-041-0/+6
|
* Add some skeleton.Linus Nordberg2014-03-211-0/+6