Releases: liamdennehy/eidas-certificate-parse
Releases · liamdennehy/eidas-certificate-parse
Fix phpseclib 2.0 vulnerability
Merge pull request #81 from liamdennehy/deps phpseclib >=2.0.31 fixes RSA sig vuln
ECDSA keys supported (but not signatures)
Merge pull request #78 from liamdennehy/ecdsa-cert ECDSA public keys in certificate properly parsed. Still todo: signature verification.
3.5.1
Merge branch 'fix/phpseclib_version'
Certificate Transparency
Parse SCT lists
3.4.1: Merge pull request #74 from liamdennehy/identifier-consistency
Identifier consistency
OC Yes Please!
OCSP ready for primetime!
- Each request and response has a unique identifier relating to the certificate bundle. Use to overwrite prior requests/responses with the same bundle.
- Each request and response has identifiers for each certificate being queried/responded. Use to link certificates to response bundles
- Certificate object can emit its' certificate identifier to match with a request or response.
OCS Please
Lots of OCSP-related improvements including:
- Generate requests for multiple certificates
- Confirm correct parsing of requests and responses for multiple certificates
- Verify signature on OCSP Response
- If response includes certificates, match signer
- if response does not include certs, supply potential signer certificate
OCS Three
OCSP Handling
Basic OCSP processing - parse incoming response and verify signature against embedded certificates or one provided by client.
Threedy Speedy
- Optimised object creation by avoiding unnecessary ASN1 binary conversions between calls
- Updated to most recent Trusted Lists along with supporting certificates
Three and a bit
OCSP Request handling - creating, parsing, and eventually fuzzing :)