#
6a3579e1 |
| 15-May-2024 |
Rajeev Ranjan |
CMP: add support for requesting cert template using genm/genp Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from ht
CMP: add support for requesting cert template using genm/genp Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24409)
show more ...
|
#
40a200f9 |
| 03-Dec-2022 |
Dr. David von Oheimb |
CMP: add support for genm with crlStatusList and genp with crls Introduce the capability to retrieve and update Certificate Revocation Lists (CRLs) in the CMP client, as specified in sec
CMP: add support for genm with crlStatusList and genp with crls Introduce the capability to retrieve and update Certificate Revocation Lists (CRLs) in the CMP client, as specified in section 4.3.4 of RFC 9483. To request a CRL update, the CMP client can send a genm message with the option -infotype crlStatusList. The server will respond with a genp message containing the updated CRL, using the -infoType id-it-crls. The client can then save the CRL in a specified file using the -crlout parameter. Co-authored-by: Rajeev Ranjan <ranjan.rajeev@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23768)
show more ...
|
#
fc9649f6 |
| 25-Mar-2024 |
Rajeev Ranjan |
fix sending error when no root CA cert update available Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://
fix sending error when no root CA cert update available Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24169)
show more ...
|
#
d6d9277b |
| 04-Aug-2023 |
Dr. David von Oheimb |
apps/cmp: improve -reqin option to read fallback public key from first request message file given Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmai
apps/cmp: improve -reqin option to read fallback public key from first request message file given Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21660)
show more ...
|
#
2fbe23bb |
| 03-Aug-2023 |
Dr. David von Oheimb |
apps/cmp: add -reqout_only option for dumping/saving just the initial CMP request message Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
apps/cmp: add -reqout_only option for dumping/saving just the initial CMP request message Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21660)
show more ...
|
#
657109ac |
| 19-Dec-2022 |
Dr. David von Oheimb |
80-test_cmp_http_data/: add tests for -no_cache_extracerts, fix and extend further test cases Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.o
80-test_cmp_http_data/: add tests for -no_cache_extracerts, fix and extend further test cases Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19948)
show more ...
|
#
0739dd00 |
| 21-Jun-2023 |
Dr. David von Oheimb |
CMP app: make -geninfo option accept multiple ITAVs and support string values besides integers Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.
CMP app: make -geninfo option accept multiple ITAVs and support string values besides integers Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21281)
show more ...
|
#
7c6577ba |
| 13-Jun-2023 |
Dr. David von Oheimb |
CMP lib and app: add optional certProfile request message header and respective -profile option Also add missing getter functionss OSSL_CMP_{CTX,HDR}_get0_geninfo_ITAVs() to CMP API.
CMP lib and app: add optional certProfile request message header and respective -profile option Also add missing getter functionss OSSL_CMP_{CTX,HDR}_get0_geninfo_ITAVs() to CMP API. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21281)
show more ...
|
#
01b04851 |
| 17-Sep-2022 |
Dr. David von Oheimb |
CMP: add support for genm with rootCaCert and genp with rootCaKeyUpdate Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://gi
CMP: add support for genm with rootCaCert and genp with rootCaKeyUpdate Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21129)
show more ...
|
#
1d32ec20 |
| 11-Apr-2023 |
Rajeev Ranjan |
CMP: support specifying certificate to be revoked via issuer and serial number Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed
CMP: support specifying certificate to be revoked via issuer and serial number Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/21116)
show more ...
|
#
d477484d |
| 03-Dec-2021 |
Dr. David von Oheimb |
CMP: add support for genm/genp messages with id-it-caCerts Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david
CMP: add support for genm/genp messages with id-it-caCerts Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19231)
show more ...
|
#
1f757df1 |
| 14-Feb-2023 |
Dr. David von Oheimb |
APPS/cmp: prevent HTTP client failure on -rspin option with too few filenames The logic for handling inconsistent use of -rspin etc., -port, -server, and -use_mock_srv options proved fau
APPS/cmp: prevent HTTP client failure on -rspin option with too few filenames The logic for handling inconsistent use of -rspin etc., -port, -server, and -use_mock_srv options proved faulty. This is fixed here, updating and correcting also the documentation and diagnostics of the involved options. In particular, the case that -rspin (or -rspout. reqin, -reqout) does not provide enough message file names was not properly described and handled. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20295)
show more ...
|
#
f1e144f2 |
| 02-Feb-2023 |
Dr. David von Oheimb |
apps/cmp.c: make sure that last -reqin argument is actually used Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb
apps/cmp.c: make sure that last -reqin argument is actually used Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20204)
show more ...
|
#
20b0579c |
| 09-Dec-2021 |
Dr. David von Oheimb |
CMP test_commands.csv: improve test for -reqin, adding -reqin_new_tid Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://gith
CMP test_commands.csv: improve test for -reqin, adding -reqin_new_tid Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17252)
show more ...
|
#
5adda344 |
| 07-Dec-2021 |
Dr. David von Oheimb |
80-test_cmp_http_data/test_commands.csv: fix minor glitch in column alignment Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17224)
|
#
7ee0954a |
| 07-Dec-2021 |
Dr. David von Oheimb |
APPS/cmp: fix -rspin option such that it works again without -reqin Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17222)
|
#
f6b6574c |
| 02-Jun-2021 |
Jon Spillett |
80-test_cmp_http.t: Re-enable CMP tests for AIX, removing some inessential test cases Remove negative test cases which simulate an attempt to write file contents to a directory using a p
80-test_cmp_http.t: Re-enable CMP tests for AIX, removing some inessential test cases Remove negative test cases which simulate an attempt to write file contents to a directory using a path ending in '/' as this is not compatible with fopen on all platforms, e.g., AIX. Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15575)
show more ...
|
#
b6f0f050 |
| 21-May-2021 |
Dr. David von Oheimb |
80-test_cmp_http: Invert and correct the logic of success vs. failure exit This makes the logic more intuitive and corrects the interpretation for NonStop. Fixes #15386 Reviewed
80-test_cmp_http: Invert and correct the logic of success vs. failure exit This makes the logic more intuitive and corrects the interpretation for NonStop. Fixes #15386 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15402)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
a3361c37 |
| 23-Jan-2021 |
Dr. David von Oheimb |
81-test_cmp_cli_data: fixup on CSR test cases Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14019)
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i |
|
#
c87bcdbd |
| 27-Nov-2020 |
Dr. David von Oheimb |
test/recipes: split 81_test_cmp_cli.t, add test using -engine loader_attic The HTTP-based tests are now in 80_test_cmp_http.t, to start a little earlier. This should decrease total test
test/recipes: split 81_test_cmp_cli.t, add test using -engine loader_attic The HTTP-based tests are now in 80_test_cmp_http.t, to start a little earlier. This should decrease total test run time due to better parallelization. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13551)
show more ...
|