ChangeLog
No OneTemporary
Actions

Size

16 KB

Subscribers

None

ChangeLog
View Options

	2004-03-24 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_add_smime_capability): New.
	(ksba_cms_release): Free the capability list.
	(store_smime_capability_sequence): New.
	(build_signed_data_attributes): Include the smime capabilities.
	* cms.h (oidparmlist_s): New.
	(ksba_cms_s): Add element CAPABILITY_LIST.
	* der-encoder.c (_ksba_der_store_sequence): New.
	* asn1-func.c (_ksba_asn_is_primitive): New dummy type PRE_SEQUENCE.
	* der-encoder.c (set_nhdr_and_len, copy_nhdr_and_len): Support it.

	2004-03-17 Werner Koch <wk@gnupg.org>

	* ber-help.c (_ksba_ber_parse_tl): Check for length overflow.
	(_ksba_ber_read_tl): Ditto.

	2004-03-16 Werner Koch <wk@gnupg.org>

	* ocsp.c (ksba_ocsp_get_responder_id, ksba_ocsp_get_cert): New.

	2004-03-15 Werner Koch <wk@gnupg.org>

	* Makefile.am: Support for version scripts.
	* libksba.vers: New.

	* ocsp.c (parse_response): Fixed parsing of optional certificates.

	2004-03-09 Werner Koch <wk@gnupg.org>

	* ksba.h (ksba_set_hash_buffer_function): Add missing prototype.

	2004-02-20 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_get_ext_key_usages): New.
	(ksba_cert_get_auth_key_id): Fix for the case that there is only
	the KeyIdentifier.

	2004-02-13 Werner Koch <wk@gnupg.org>

	* reader.c, ksba.h (ksba_reader_clear): New.

	2004-02-12 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_identify): Detect pkcs#12.
	* ksba.h: Add KSBA_CT_PCKS12.

	2004-01-29 Werner Koch <wk@gnupg.org>

	* cms.c (build_signed_data_attributes): Arggg; noticed that severe
	bug shortly after the last release. Fixed wrong array size passed
	to qsort.

	2004-01-28 Werner Koch <wk@gnupg.org>

	* dn.c: Updated the table and changed a few names only used for
	String->DER. Added a source specifier as a replacement for the
	allowed_by_rfc2253 field.

	2004-01-19 Werner Koch <wk@gnupg.org>

	* cms.c (build_signed_data_attributes): Argh. We need to sort the
	attributes.
	(compare_attrarray): New.

	2003-12-19 Werner Koch <wk@gnupg.org>

	* cms.c (build_signed_data_header): Fixed silly ==/= bug.

	2003-12-09 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_set_sig_val): Fixed a code cleanup I did on Nov
	25 and led to bad signature creation. Unfortunatley gpgsm has
	currently no real regression tests. BTW, why the hell didn't I
	wrote an entry for that cleanup.

	2003-11-28 Werner Koch <wk@gnupg.org>

	* ocsp.h, ocsp.c: New.
	* ksba.h (ksba_status_t, ksba_ocsp_response_status_t): New.
	(ksba_ocsp_t): New.

	2003-11-25 Werner Koch <wk@gnupg.org>

	* ksba.h: Added a few more CRL reason codes.

	2003-11-21 Werner Koch <wk@gnupg.org>

	* oid.c (ksba_oid_from_str): Changed RBUF to unsigned char* and
	changed all callers to avoid incompatible pointer warnings.

	2003-11-20 Werner Koch <wk@gnupg.org>

	* cert.c (_ksba_cert_get_issuer_dn_ptr): New.
	(_ksba_cert_get_public_key_ptr): New.
	(_ksba_cert_get_serial_ptr): New.

	* util.c (_ksba_hash_buffer): New.
	(ksba_set_hash_buffer_function): New.

	* cms.c: Include sexp-parse.h.
	(ksba_cms_set_sig_val): Use snext and smatch instead of open
	coding it.

	* sexp-parse.h: New. Taken from GnuPG 1.9.

	2003-11-18 Werner Koch <wk@gnupg.org>

	* reader.c (ksba_reader_read): Return GPG_ERR_EOF and not -1.

	2003-11-17 Werner Koch <wk@gnupg.org>

	* cert.c (get_name, ksba_cert_get_extension): Return GPG_ERR_EOF
	and not just -1.
	* ber-decoder.c (_ksba_ber_decoder_decode): Ditto.

	2003-11-14 Werner Koch <wk@gnupg.org>

	* cms.c (write_encrypted_cont): Fixed test on EOF.
	* cert.c (ksba_cert_is_ca, ksba_cert_get_cert_policies)
	(ksba_cert_get_auth_key_id): Ditto.
	* ber-decoder.c (_ksba_ber_decoder_dump)
	(_ksba_ber_decoder_decode): Ditto.

	2003-11-13 Werner Koch <wk@gnupg.org>

	* ber-decoder.c (eof_or_error): Replaced READ_ERROR with a system
	provided error.
	* crl.c (parse_to_next_update): Ditto.
	* cms-parser.c (parse_cms_version): Ditto.
	(_ksba_cms_parse_signed_data_part_1):
	* ber-help.c (eof_or_error): Ditto.
	* reader.c (ksba_reader_error): Changed to return gpg_error_t.
	* writer.c (ksba_writer_error): Ditto.

	2003-11-12 Werner Koch <wk@gnupg.org>

	* writer.c (do_writer_write): Replaced WRITE_ERROR by one
	generated from errno.

	* asn1-parse.y (ksba_asn_parse_file): Replaced FILE_ERROR by one
	generated from errno.

	* cms.c (ksba_cms_new): Changed Interface to return an error code.
	* name.c (ksba_name_new): Ditto.
	* writer.c (ksba_writer_new): Ditto.
	* reader.c (ksba_reader_new): Ditto.
	* certreq.c (ksba_certreq_new): Ditto.
	* crl.c (ksba_crl_new): Ditto.

	* ksba.h: Removed all KSBA_ error codes and replaced them all over
	the package by the gpg-error.h codes. Include gpg-error.h
	* mkerrors: Removed.
	* Makefile.am: Removed generation of errors.c
	* asn1-gentables.c (one_file): Simplified error printing
	* ksba-config.in (libs,cflags): Add values for gpg-error. Remove
	duplicates.

	2003-11-11 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_new): Changed interface.

	2003-10-31 Werner Koch <wk@gnupg.org>

	Changed the representation of time.

	* ksba.h (ksba_isotime_t): New.
	* convert.h, cms.h, crl.h: Changed all data structure to use that
	new time object.
	* time.c (_ksba_asntime_to_epoch): Renamed to ..
	(_ksba_asntime_to_iso): .. this and rewrote for the new time format.
	(_ksba_asntime_from_epoch): Removed. Was never used.
	(_ksba_assert_time_format, _ksba_copy_time, _ksba_cmp_time)
	(_ksab_current_time): New.
	* cert.c (ksba_cert_get_validity): Changed for new time data type.
	* der-encoder.c (_ksba_der_store_time): Ditto.
	* crl.c (ksba_crl_get_update_times, ksba_crl_get_item)
	(parse_to_next_update, parse_crl_entry): Ditto.
	* cms.c (ksba_cms_get_signing_time, ksba_cms_set_signing_time):
	Ditto.

	2003-10-21 Werner Koch <wk@gnupg.org>

	* dn.c (oid_name_tbl): Changed OIDLEN to size_t.
	(parse_rdn): Ditto.
	* ber-decoder.c (dump_tlv): Fixed format specifier for NHDR.
	Reported by Stephane Corthesy.

	2003-08-20 Marcus Brinkmann <marcus@g10code.de>

	* ber-decoder.c (new_decoder_state): Initialize DS->cur.in_any.

	2003-03-17 Werner Koch <wk@gnupg.org>

	* dn.c (count_quoted_string): Fixed detection of nonprintable
	chars for hex pairs. Use IA5STRING instead of UTF8 if the only
	reason is an at-sign.
	(parse_rdn): Fixed parsing of hash prefixed hex pairs. Use
	IA5STRING instead of UTF8 if the only reason is an at-sign.

	2002-12-12 Werner Koch <wk@gnupg.org>

	* keyinfo.c (sig_algo_table): Added sha-1WithRSAEncryption.

	2002-12-03 Werner Koch <wk@gnupg.org>

	* ber-decoder.c (cmp_tag): Handle ANY tag even when the classes
	don't match. Test case arecertificates with a id-aa-encrypKeyPref.

	2002-11-25 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_get_sigattr_oids): New.
	(build_signed_data_attributes): Store the content-type.
	* der-encoder.c (_ksba_der_store_oid): Handle TYPE_ANY.

	2002-10-22 Werner Koch <wk@gnupg.org>

	* asn1-parse.y (yyparse): Prefix with _ksba_asn1_.

	* asn1-func.c (_asn1_find_left): Made static.

	* dn.c (parse_rdn): Add a parse-only mode to determine the end os
	a part.
	(_ksba_dn_from_str): Parse the string in reversed order as
	specified by rfc2253.

	2002-08-23 Werner Koch <wk@gnupg.org>

	* ksba.m4: Removed unnecessary libs
	* ksba-config.in: Made --prefix work for --libs.
	* Makefile.am (EXTRA_DIST): Add ksba.m4

	2002-08-21 Werner Koch <wk@gnupg.org>

	* der-encoder.c (_ksba_der_copy_tree)
	* crl.c (ksba_crl_get_issuer)
	* cms.c (ksba_cms_get_issuer_serial)
	(ksba_cms_get_sig_val)
	(ksba_cms_get_enc_val)
	* cert.c (ksba_cert_get_image)
	(ksba_cert_hash)
	(ksba_cert_get_serial)
	(ksba_cert_get_sig_val): Removed all debugging output for encoding
	errors.

	2002-08-13 Werner Koch <wk@gnupg.org>

	* ksba.m4: New.

	2002-08-06 Werner Koch <wk@gnupg.org>

	* cms.h (signer_info_s, sig_val_s): New. Actually moved out of
	ksba_cms_s and made it pointers there.
	* cms.c (ksba_cms_release): Changed for new types of signer_info
	and sig_val.
	(ksba_cms_get_issuer_serial): Implemented index for signer_info.
	(ksba_cms_get_digest_algo): Ditto.
	(ksba_cms_get_message_digest): Ditto.
	(ksba_cms_get_sig_val): Ditto.
	(ksba_cms_hash_signed_attrs): Ditto.
	(build_signed_data_attributes): Build the list of signer_infos.
	(build_signed_data_rest): And process the list.
	(ksba_cms_set_sig_val): Append values.
	(build_signed_data_rest): Use the sig_val list.
	(ct_build_signed_data): Changed check for set sig_val.
	(build_signed_data_header): Fixed writing of more than one algo.
	* cms-parser.c (_ksba_cms_parse_signed_data_part_2): Create a list
	of signer_infos and not just one.

	2002-08-05 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_add_cert): Don't add duplicates.
	* cert.c (_ksba_cert_cmp): New.

	2002-07-04 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_identify): Make sure to read the full first 20
	bytes.

	2002-07-02 Werner Koch <wk@gnupg.org>

	* certreq.c (ksba_certreq_set_sig_val): Don't store a leanding zero.

	2002-06-27 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_get_auth_key_id): Skip keyIdentifier tag.

	2002-06-17 Werner Koch <wk@gnupg.org>

	* cms.c (write_encrypted_cont): Don't use write_octet_stream here
	because this is used with an implicit tag and the outer context
	already provides the constructed containter.

	2002-06-13 Werner Koch <wk@gnupg.org>

	* writer.c (ksba_writer_write_octet_string): Correctly write
	undefined length octet strings.
	* cms.c (ct_build_signed_data): Write an end tag for non-detached
	sigs.
	(build_enveloped_data_header): Fix doc; it is an explicit octect
	string.
	(read_encrypted_cont): Read constructed octet strings.

	2002-06-12 Werner Koch <wk@gnupg.org>

	* writer.c (ksba_writer_write_octet_string): New.
	* cms.c (write_encrypted_cont): Use it here.

	2002-05-17 Werner Koch <wk@gnupg.org>

	* Makefile.am: Tweaked to avoid double compilations.

	* cms.c (ksba_cms_identify): New.

	2002-05-16 Werner Koch <wk@gnupg.org>

	* cms-parser.c (_ksba_cms_parse_signed_data_part_1): Never
	allocate 0 bytes - this is not defined.

	2002-05-04 Werner Koch <wk@gnupg.org>

	* dn.c (parse_rdn): Better detection of empty elements.

	2002-04-27 Werner Koch <wk@gnupg.org>

	* cms.c (read_and_hash_cont): Handle constructed octet strings.
	* cms-parser.c (_ksba_cms_parse_signed_data_part_2): Eat one
	pending end tag.

	2002-04-15 Werner Koch <wk@gnupg.org>

	* version.c: New.

	* dn.c (append_ucs4_value,append_ucs2_value): Implemented.

	* cert.c (ksba_cert_get_auth_key_id): New.
	* name.c (_ksba_name_new_from_der): Add support for "Name" type.
	* dn.c (_ksba_derdn_to_str): New.

	2002-03-22 Werner Koch <wk@gnupg.org>

	* cert.c (get_name): Fixed enumerating of alternate names.

	* name.c: New.
	* ksba.h (KsbaName): New. Added defintions for the name functions.
	(KsbaCRLReason): Changed values to allow use as bit flags.
	* cert.c (parse_distribution_point): New.
	(ksba_cert_get_crl_dist_point): New.

	2002-03-15 Werner Koch <wk@gnupg.org>

	* asn1-func.c (_ksba_asn_check_identifier): Better check against
	overflow, also the data used is static.

	2002-03-13 Werner Koch <wk@gnupg.org>

	* cms.h (value_tree_s): New and use it for recp_info.
	(enc_val_s): New, use it in certlist and remove it from the
	ksba_cms_s and change all users.
	* cms.c (ksba_cms_set_enc_val): Allow multiple recipients.
	(ksba_cms_add_signer): Keep ordering of signers so that they can
	be implictly counted by an index.
	(build_enveloped_data_header): Fixed the creation of the RID.

	* cms.c (release_value_tree): New.
	(ksba_cms_release): And use it here.
	(ksba_cms_get_issuer_serial): Use the new recp_list structure and
	take the IDX into account.
	(ksba_cms_get_enc_val): Ditto.
	(ksba_cms_set_sig_val,ksba_cms_set_enc_val): Don't store a leading
	zero.

	* cms-parser.c (_ksba_cms_parse_enveloped_data_part_1): Handle
	multiple recipients.

	* cms.c (build_signed_data_rest): Write 3 end tags.
	(ct_build_enveloped_data): Write 4 end tags.

	2002-03-12 Werner Koch <wk@gnupg.org>

	* cms-parser.c (_ksba_cms_parse_signed_data_part_2): Allow an
	empty set of signer infos.

	2002-03-11 Werner Koch <wk@gnupg.org>

	* keyinfo.c: Fixed last change; forgot to set the length.

	2002-03-09 Werner Koch <wk@gnupg.org>

	* keyinfo.c: Add algo for Telesec NetKey cards.

	2002-02-19 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_get_cert_policies): New.

	2002-02-07 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_release): Release the nodes.

	2002-02-01 Marcus Brinkmann <marcus@g10code.de>

	* asn1-parse.y: Add missing colon at end of block.

	2002-02-01 Werner Koch <wk@gnupg.org>

	* cms.c (ksba_cms_set_sig_val): Add kludge to allow "rsa" instead
	of an OID.

	2002-01-28 Werner Koch <wk@gnupg.org>

	* oid.c (ksba_oid_from_str): Fixed docs and return type.

	* certreq.c (ksba_certreq_set_subject): Renamed to..
	(ksba_certreq_add_subject): this and added logic to store
	subjectAltNames.
	(build_extensions): New.
	(build_cri): Write the extensions.

	* ber-help.c (_ksba_ber_encode_tl): New.

	2002-01-25 Werner Koch <wk@gnupg.org>

	* cms.c (build_signed_data_attributes): Write the optional certs.
	* cert.c (ksba_cert_get_image): Don't return the image length but
	the parsed length.

	2002-01-24 Werner Koch <wk@gnupg.org>

	* cms.h: Add new member cert_info_list.
	* cms.c (ksba_cms_add_cert): New.
	(ksba_cms_release): Release the cert info list.

	2002-01-23 Werner Koch <wk@gnupg.org>

	* crl.c (parse_to_next_update): Use measured length to fixup the
	tbs_len after reading the name. Check tbs_len before checking
	for the entry list.

	* ksba.h (KsbaKeyUsage): New.
	* cert.c (ksba_cert_get_key_usage): New.

	* cert.c (get_name): New, implemented rfc822 AltNames.
	(ksba_cert_get_issuer,ksba_cert_get_subject): Use it.

	2002-01-22 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_is_ca): New.

	* ber-help.c (premature_eof): New.
	(eof_or_error): Use it here.
	(_ksba_ber_parse_tl): New.

	2002-01-21 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_get_extension): New.
	(read_extensions): New.
	(ksba_cert_release): Release the cached extension info.

	2002-01-14 Werner Koch <wk@gnupg.org>

	* dn.c: Fixed oid table according to rfc2253.
	(append_atv): Do only use the allowed names.

	2002-01-11 Werner Koch <wk@gnupg.org>

	* dn.c (append_atv): Don't write a trailing hash sign.

	* time.c (_ksba_asntime_to_epoch): Kludge to cope with the Y2038
	problem.

	* crl.c (do_hash): New. Apply the hashing where needed.

	2002-01-10 Werner Koch <wk@gnupg.org>

	* certreq.c, certreq.h: New.
	* keyinfo.c (_ksba_keyinfo_from_sexp): New.

	* der-encoder.c: Removed commented code.

	2002-01-09 Werner Koch <wk@gnupg.org>

	* dn.c (count_quoted_string, parse_rdn, write_escaped): New.
	(_ksba_dn_from_str): Implemented.

	* ber-help.c (_ksba_ber_count_tl): New.

	* util.h (spacep): New.
	(hexdigitp): Now takes a pointer as arg.

	* writer.c (do_writer_write): Set the error flag when we are out
	of core.
	(ksba_writer_snatch_mem): New.

	2002-01-08 Werner Koch <wk@gnupg.org>

	* writer.c (ksba_writer_set_mem): New.
	(do_writer_write): Implemented it here.
	(ksba_writer_get_mem): New.

	* tmttv2.asn (CertificationRequestInfo): Added.

	2002-01-07 Werner Koch <wk@gnupg.org>

	* ksba.h (KsbaCRLReason): New.
	* crl.c: Basically works.

	2002-01-05 Werner Koch <wk@gnupg.org>

	* asn1-func.c (_ksba_asn_find_node): Moved code to ..
	(find_node): new function which allows resolving of identifiers.
	(_ksba_asn_expand_tree): Use the resolving find_node here.

	* keyinfo.c (_ksba_parse_algorithm_identifier2): Reset len2 so
	that a given r_parm returns correct values.

	* ksba.h (KsbaCRL): New typedef and prototypes for the CRL functions.
	* crl.c, crl.h: New but not yet complete.

	2001-12-20 Werner Koch <wk@gnupg.org>

	* cms.c (read_and_hash_cont): New.
	(ct_parse_signed_data): Use it here for non-detached signatures.
	* cms-parser.c (_ksba_cms_parse_signed_data_part_1): Store the
	inner content length.
	(_ksba_cms_parse_signed_data_part_2): Add dummy read code for CRLs.

	* cert.c (ksba_cert_set_serial): Changed to return an entire S-Exp
	and not just an octet string.
	* cms.c (ksba_cms_get_issuer_serial): Ditto.

	2001-12-18 Werner Koch <wk@gnupg.org>

	* Makefile.am (DISTCLEANFILES): Add asn1-tables.c

	2001-12-17 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_get_serial): Does now return a S-expression.
	* cms.c (ksba_cms_get_issuer_serial): Ditto.

	* keyinfo.c: Changed all functions to return canonical encoded S-Exp.

	* Makefile.am (asn1-tables.c): Fixed rule to work with VPATH builds.

	2001-12-14 Werner Koch <wk@gnupg.org>

	* oid.c, time.c, cms.c : Moved atoi macros and digitp macro to ..
	* util.h: .. here. Fixed digitp macro. Added hexdigitp.

	2001-12-13 Werner Koch <wk@gnupg.org>

	* cert.c (ksba_cert_get_issuer): Added an idx argument so that the
	function can be used to enumerate alternate names.
	(ksba_cert_get_subject): Ditto.


	Copyright 2001, 2002 g10 Code GmbH

	This file is free software; as a special exception the author gives
	unlimited permission to copy and/or distribute it, with or without
	modifications, as long as this notice is preserved.

	This file is distributed in the hope that it will be useful, but
	WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

File Metadata

Mime Type: text/plain
Expires: Mon, May 12, 6:31 PM (1 d, 9 h)
Storage Engine: local-disk
Storage Format: Raw Data
Storage Handle: 94/2f/e9bf5a9f683eea8129a23d1fe2c0

ChangeLogNo OneTemporaryActions

ChangeLogView Options

File Metadata

Event Timeline

ChangeLog
No OneTemporary
Actions

ChangeLog
View Options