gigi.git
2 years agoMerge "add: ant and wget in build dependencies"
Benny Baumann [Tue, 27 Feb 2018 20:26:03 +0000 (21:26 +0100)]
Merge "add: ant and wget in build dependencies"

2 years agoadd: ant and wget in build dependencies
Lucas Werkmeister [Sun, 25 Feb 2018 21:34:51 +0000 (22:34 +0100)]
add: ant and wget in build dependencies

Ant is clearly used for the whole build process, and wget is used to
download the public suffix list as part of the update-effective-tlds Ant
build target.

Change-Id: Ic167f4dc062c38cba309ab44d25a497703c4c847

2 years agochg: remove unused local variables
INOPIAE [Tue, 20 Feb 2018 21:11:23 +0000 (22:11 +0100)]
chg: remove unused local variables

Change-Id: I7bc5a83c0039cf91dd8df3e19f644c5c1f0a3fd4

2 years agofix: resource leaks in OCSPIssuerManager
Benny Baumann [Tue, 20 Feb 2018 20:37:45 +0000 (21:37 +0100)]
fix: resource leaks in OCSPIssuerManager

Change-Id: I15aa074af09c07b72ddb953fa8d1f63b6ae3eb88

2 years agoMerge changes I18f5f27f,I27ec303f,I78009fe3
Felix Dörre [Tue, 20 Feb 2018 20:21:39 +0000 (21:21 +0100)]
Merge changes I18f5f27f,I27ec303f,I78009fe3

* changes:
  fix: avoid resource leak when generating OCSP requests
  fix: prevent possible NPE on failure to list the CA directory
  chg: ensure actor, target and support ticket are non-null

2 years agoMerge changes Ica9a9fc2,I5effef05
Felix Dörre [Sun, 18 Feb 2018 16:00:30 +0000 (17:00 +0100)]
Merge changes Ica9a9fc2,I5effef05

* changes:
  chg: reword error message to match conditions
  chg: enable support to find organisation domains

2 years agochg: reword error message to match conditions
INOPIAE [Fri, 16 Feb 2018 11:34:03 +0000 (12:34 +0100)]
chg: reword error message to match conditions

Change-Id: Ica9a9fc26b8f35d07232669b4efde5ea0ac24cb2

2 years agochg: enable support to find organisation domains
INOPIAE [Mon, 12 Feb 2018 07:35:18 +0000 (08:35 +0100)]
chg: enable support to find organisation domains

fixes issue #46

Change-Id: I5effef053020cfb440d8560c3252399657f33d96

2 years agochg: restructure code for better readability
INOPIAE [Thu, 15 Feb 2018 10:38:52 +0000 (11:38 +0100)]
chg: restructure code for better readability

Change-Id: If161d9176ac23edc0c5f19524c0dc2a157443ba2

2 years agofix: avoid resource leak when generating OCSP requests
Benny Baumann [Tue, 6 Feb 2018 20:16:18 +0000 (21:16 +0100)]
fix: avoid resource leak when generating OCSP requests

Change-Id: I18f5f27fa2f7858a2466bdd532a3770b045e7108

2 years agofix: prevent possible NPE on failure to list the CA directory
Benny Baumann [Tue, 6 Feb 2018 15:27:02 +0000 (16:27 +0100)]
fix: prevent possible NPE on failure to list the CA directory

Change-Id: I27ec303fa5f0aa50af553e1ea0422f61fa5c4393

2 years agochg: ensure actor, target and support ticket are non-null
Benny Baumann [Tue, 6 Feb 2018 15:03:52 +0000 (16:03 +0100)]
chg: ensure actor, target and support ticket are non-null

This patch is a defense-in-depth in cases of internal inconsistencies:
If e.g. somehow the session used to authenticate a request gets corrupted or
through a race condition a user gets deleted in the DB between validation
of the password and passing on that user to the actual session login this
will provide a safe-guard. This also centralises the check for acceptable
AuthorisationContexts in the class itself.

Result of this patch is any call to AuthorisationContext.getActor() will
return a non-null User object, as AuthorisationContexts with an null actor,
target or support ticket are rejected as invalid.

Change-Id: I78009fe3385820cd46a31a74c4c68f1cdaa65628

2 years agochg: enable support to remove supporter flag for own account
INOPIAE [Mon, 12 Feb 2018 15:48:17 +0000 (16:48 +0100)]
chg: enable support to remove supporter flag for own account

fixes issue #77

Change-Id: I0f0197607c1eb7907c3ffafcbcd01fbe109d73af

2 years agoMerge "chg: adjust wording and use of uppercase on Manager.templ"
Felix Dörre [Mon, 12 Feb 2018 15:54:21 +0000 (16:54 +0100)]
Merge "chg: adjust wording and use of uppercase on Manager.templ"

2 years agochg: adjust wording and use of uppercase on Manager.templ
INOPIAE [Sat, 10 Feb 2018 12:55:18 +0000 (13:55 +0100)]
chg: adjust wording and use of uppercase on Manager.templ

Change-Id: Idf1781caf16bfe3c4129e26a809406188e9c9475

2 years agochg: add p7b to download all intermediate certificates in one file
INOPIAE [Sun, 4 Feb 2018 06:16:12 +0000 (07:16 +0100)]
chg: add p7b to download all intermediate certificates in one file

fixes issue #148

Change-Id: Idcc73b9dfa093f5e32c3642987a190d9a975349e

2 years agochg: add appName to filename for root certificate download
INOPIAE [Sun, 4 Feb 2018 09:38:40 +0000 (10:38 +0100)]
chg: add appName to filename for root certificate download

Change-Id: I6f6ebeb06b54c3a7c49b30d887daa188b1fa35c6

2 years agoMerge "chg: extract url to links.txt"
Benny Baumann [Thu, 8 Feb 2018 19:48:29 +0000 (20:48 +0100)]
Merge "chg: extract url to links.txt"

2 years agoMerge "fix: move switch to organisation context to separate page"
Benny Baumann [Thu, 8 Feb 2018 19:48:12 +0000 (20:48 +0100)]
Merge "fix: move switch to organisation context to separate page"

2 years agoMerge "chg: reword error message to match conditions"
Benny Baumann [Thu, 8 Feb 2018 19:05:42 +0000 (20:05 +0100)]
Merge "chg: reword error message to match conditions"

2 years agochg: enforce email address for certificate was pinged within 6 months
INOPIAE [Mon, 5 Feb 2018 09:43:51 +0000 (10:43 +0100)]
chg: enforce email address for certificate was pinged within 6 months

fixes issue #5

Change-Id: I612adef8c99c8eb1cdb6e5c7fa4cf56c34e66f34

2 years agochg: extract url to links.txt
INOPIAE [Thu, 1 Feb 2018 22:02:57 +0000 (23:02 +0100)]
chg: extract url to links.txt

fixes issue #26

Change-Id: I8c5521bf3daaf203b390f2059a0cafb56c79c028

2 years agofix: move switch to organisation context to separate page
INOPIAE [Tue, 30 Jan 2018 06:00:03 +0000 (07:00 +0100)]
fix: move switch to organisation context to separate page

fixes issue #125

Change-Id: Id70d645e720cc43a0b28fc5c7355ba3492495d59

2 years agochg: reword error message to match conditions
INOPIAE [Thu, 1 Feb 2018 20:57:38 +0000 (21:57 +0100)]
chg: reword error message to match conditions

Change-Id: I8c7f3c251fa93d0668ec4129b10de05bf95f994c

2 years agoMerge "chg: jar version to match the version generated for the package"
Felix Dörre [Tue, 30 Jan 2018 23:44:47 +0000 (00:44 +0100)]
Merge "chg: jar version to match the version generated for the package"

2 years agochg: adjust wording and target for static links
INOPIAE [Mon, 29 Jan 2018 03:55:21 +0000 (04:55 +0100)]
chg: adjust wording and target for static links

fixes issues #146

Change-Id: If116abe20d4ad61a2bebbd6d74f9bf9186ba2ef1

2 years agochg: jar version to match the version generated for the package
Felix Dörre [Mon, 29 Jan 2018 10:55:28 +0000 (11:55 +0100)]
chg: jar version to match the version generated for the package

The jar version is displayed on the About page. Changing it to match the
syntax of the package version allows a user to compare two versions and
see which one is newer.

Change-Id: Ifcfc315bb83d0d08c10b22632f6786e32c7a5896

2 years agoMerge "add: include Microsoft codesigning OIDs to SimpleSigner"
Felix Dörre [Mon, 29 Jan 2018 10:52:02 +0000 (11:52 +0100)]
Merge "add: include Microsoft codesigning OIDs to SimpleSigner"

2 years agoMerge changes I47ec8fcb,I2cd200f3
Benny Baumann [Sat, 27 Jan 2018 21:07:21 +0000 (22:07 +0100)]
Merge changes I47ec8fcb,I2cd200f3

* changes:
  chg: refactor script to fetch external libraries
  add: dnsjava 2.1.8 dependency and sanity test

2 years agoadd: include Microsoft codesigning OIDs to SimpleSigner
INOPIAE [Thu, 18 Jan 2018 10:49:09 +0000 (11:49 +0100)]
add: include Microsoft codesigning OIDs to SimpleSigner

Change-Id: Ia34a29ad28af08204c8f5b8ecf4c8be7be105e79

2 years agochg: adjust text to current settings
INOPIAE [Sun, 21 Jan 2018 06:27:07 +0000 (07:27 +0100)]
chg: adjust text to current settings

Change-Id: I784a97dc0f558116a77380174a8402e10344b65e

2 years agochg: refactor script to fetch external libraries
Lucas Werkmeister [Wed, 17 Jan 2018 23:23:55 +0000 (00:23 +0100)]
chg: refactor script to fetch external libraries

With this formulation of the script, we only need to change one place in
the script to update or add libraries. (However, the separate .gitignore
and checksums.txt files still need to be updated as well.)

(The unquoted $(basename ...) is safe because we know the basenames
cannot contain spaces – at worst, they would be URL-encoded as %20.)

Change-Id: I47ec8fcb1e1c581df52a9e31f726bcc35fe8f94b

2 years agoadd: dnsjava 2.1.8 dependency and sanity test
Felix Dörre [Tue, 16 Jan 2018 23:01:06 +0000 (00:01 +0100)]
add: dnsjava 2.1.8 dependency and sanity test

Change-Id: I2cd200f3c63f9482cfe23c33a873525f8d0e6261

2 years agoMerge "add: certificate status check via web form"
Felix Dörre [Thu, 18 Jan 2018 10:05:20 +0000 (11:05 +0100)]
Merge "add: certificate status check via web form"

2 years agochg: create superclass for SE tests
INOPIAE [Wed, 17 Jan 2018 11:28:30 +0000 (12:28 +0100)]
chg: create superclass for SE tests

Change-Id: I30261f79e4f3a4babf62ce2d824716ec4b808609

2 years agoadd: revocation state in the result list of support cert search
INOPIAE [Wed, 30 Aug 2017 05:15:27 +0000 (07:15 +0200)]
add: revocation state in the result list of support cert search

Change-Id: I1b18cfdd2fc4dfb88cb33d0ff468f848f69fa4fd

2 years agoMerge "chg: hide "Show advanced options" checkbox when javascript is disabled"
Benny Baumann [Wed, 17 Jan 2018 08:37:17 +0000 (09:37 +0100)]
Merge "chg: hide "Show advanced options" checkbox when javascript is disabled"

2 years agoMerge "fix: spelling"
Benny Baumann [Wed, 17 Jan 2018 08:33:53 +0000 (09:33 +0100)]
Merge "fix: spelling"

2 years agoadd: certificate status check via web form
INOPIAE [Thu, 17 Aug 2017 06:24:40 +0000 (08:24 +0200)]
add: certificate status check via web form

fixes issue #144

Change-Id: I8cecf73879a55106c5ce8512175f0e95df0753f5

2 years agochg: hide "Show advanced options" checkbox when javascript is disabled
Felix Dörre [Tue, 9 Jan 2018 19:55:00 +0000 (20:55 +0100)]
chg: hide "Show advanced options" checkbox when javascript is disabled

Change-Id: Ic3c4a6fb2037d7fc8f227752e6f737b14b72cb56

2 years agofix: spelling
Lucas Werkmeister [Tue, 16 Jan 2018 20:52:32 +0000 (21:52 +0100)]
fix: spelling

“departement” or “département” is French (or German borrowed from
French); in English one of the ‘e’s is dropped. (Compare to the variable
one line below, which is already spelled correctly.)

Change-Id: I9a9f0157b63eb63260ecdeb384e2a2361f4543d8

2 years agochg: cleanup locateCertificate method
Felix Dörre [Sun, 14 Jan 2018 14:18:56 +0000 (15:18 +0100)]
chg: cleanup locateCertificate method

Change-Id: I9254473df87895df0548331c817d833efe170944

2 years agochg: enhance type safety of serials
Felix Dörre [Sun, 14 Jan 2018 14:43:54 +0000 (15:43 +0100)]
chg: enhance type safety of serials

Change-Id: I07cebd21bd795803fb5f6e42dc18990918cb8c9c

2 years agoadd: serial normalization
Felix Dörre [Sun, 14 Jan 2018 14:16:17 +0000 (15:16 +0100)]
add: serial normalization

Change-Id: I2d273e7686f014aa7e90cc446f019b1d41e637ef

2 years agochg: factor out certificate locating logic
Felix Dörre [Sun, 14 Jan 2018 13:57:46 +0000 (14:57 +0100)]
chg: factor out certificate locating logic

Change-Id: I5436574b597ca5108b4badc093f93ec67193955b

2 years agochg: sign development gigi certificates for longer time periods
Felix Dörre [Tue, 9 Jan 2018 19:56:19 +0000 (20:56 +0100)]
chg: sign development gigi certificates for longer time periods

Change-Id: I733affd7b8e9e5a027377076b0561818c63aa792

2 years agochg: make description work for certificate, save and display description
INOPIAE [Wed, 27 Dec 2017 07:14:13 +0000 (08:14 +0100)]
chg: make description work for certificate, save and display description

fixes issue #53

Change-Id: Ib21db362fd593428731269661fd01417d95114d3

2 years agofix: add missing timecondition during init process
INOPIAE [Thu, 4 Jan 2018 11:05:16 +0000 (12:05 +0100)]
fix: add missing timecondition during init process

Change-Id: Id1d14d9edae4ac8689b3c9b9c1f04ac36b883913

2 years agoMerge "chg: format show history link"
Lucas Werkmeister [Thu, 4 Jan 2018 21:47:57 +0000 (22:47 +0100)]
Merge "chg: format show history link"

2 years agoMerge "chg: don’t use printf with variable format strings"
Felix Dörre [Thu, 4 Jan 2018 12:02:15 +0000 (13:02 +0100)]
Merge "chg: don’t use printf with variable format strings"

2 years agochg: don’t use printf with variable format strings
Lucas Werkmeister [Thu, 28 Dec 2017 12:37:15 +0000 (13:37 +0100)]
chg: don’t use printf with variable format strings

Except in very exceptional cases, the format string to printf should
never be variable (and for maximum clarity, it should always be
single-quoted even if it happens to contain no shell special
characters). This commit changes one format string from double to single
quotes and rewrites two more to use substitution sequences instead of
substituting variables directly into the format (which is dangerous if
they could contain ‘%’ characters).

With this change, the following search finds no results:

    git grep "printf (?:>&2 )? [^']"

Change-Id: Ieeae16c483a7e568cd5812260a6ac54375c33340

2 years agoMerge "add: script to generate changelog based on git info"
Benny Baumann [Thu, 28 Dec 2017 19:18:42 +0000 (20:18 +0100)]
Merge "add: script to generate changelog based on git info"

2 years agoadd: script to generate changelog based on git info
Felix Dörre [Mon, 6 Nov 2017 21:02:00 +0000 (22:02 +0100)]
add: script to generate changelog based on git info

Extract version and date of the debian/changelog file from git.

Additionally adjust the jenkins template with general updates and
invocation of the new generation script.

Change-Id: I2c286e7c4411385fabecdbde74a6a1e6cfbb803e

2 years agoMerge "upd: remove alert settings from register process"
Felix Dörre [Mon, 25 Dec 2017 01:40:34 +0000 (02:40 +0100)]
Merge "upd: remove alert settings from register process"

2 years agoMerge "chg: adjust ticket number handling according to current number scheme"
Felix Dörre [Mon, 25 Dec 2017 01:40:31 +0000 (02:40 +0100)]
Merge "chg: adjust ticket number handling according to current number scheme"

2 years agoupd: remove alert settings from register process
INOPIAE [Thu, 7 Dec 2017 05:29:09 +0000 (06:29 +0100)]
upd: remove alert settings from register process

Change-Id: I511ceed2f00c15902c46d31564ba4f8454fef774

2 years agofix: ensure that Users and Organisations only are inserted completely
Felix Dörre [Sat, 9 Dec 2017 23:18:03 +0000 (00:18 +0100)]
fix: ensure that Users and Organisations only are inserted completely

Change-Id: I2c9fc5140ad46020c55325622fb102a0d1a073db

2 years agoMerge changes I86c1045b,I9fc533ac
Benny Baumann [Wed, 20 Dec 2017 22:27:40 +0000 (23:27 +0100)]
Merge changes I86c1045b,I9fc533ac

* changes:
  chg: revoke certificates if repeated ping failed
  fix: the "generateBrokenKeypair" can sometimes hang indefinitely

2 years agoMerge changes I2f1b08c0,Ie38a6b51
Felix Dörre [Mon, 18 Dec 2017 23:42:25 +0000 (00:42 +0100)]
Merge changes I2f1b08c0,Ie38a6b51

* changes:
  chg: move email and domain to verification menu
  chg: adjust wording to have a consequent wording over all pages displayed to the user

2 years agochg: adjust ticket number handling according to current number scheme
INOPIAE [Sun, 17 Dec 2017 06:15:48 +0000 (07:15 +0100)]
chg: adjust ticket number handling according to current number scheme

Change-Id: I48d298bc4b4b9f11befdb00ec87a4cc83ebbcc2c

2 years agochg: revoke certificates if repeated ping failed
Felix Dörre [Fri, 1 Dec 2017 22:18:38 +0000 (23:18 +0100)]
chg: revoke certificates if repeated ping failed

Change-Id: I86c1045bb0ab1e47657cc445af4f1eb8c53e031c

2 years agofix: the "generateBrokenKeypair" can sometimes hang indefinitely
Felix Dörre [Wed, 13 Dec 2017 19:34:15 +0000 (20:34 +0100)]
fix: the "generateBrokenKeypair" can sometimes hang indefinitely

The value of "p" can be too small so no value for "q" can be found.

The problem can be resolved by re-choosing both p and q when the result
is too small. The old "swap and only re-generate the smaller prime" does
not work anymore as p and q are not generated with equal length.

Change-Id: I9fc533ac6ece769b15deeb4186385f2a72188e72

2 years agofix: allow dev-certificates to be regenerated (with different serials)
Felix Dörre [Fri, 1 Dec 2017 22:12:15 +0000 (23:12 +0100)]
fix: allow dev-certificates to be regenerated (with different serials)

When old auto-generated certificates expire, it is necessary to
regenerate gigi's certificates. It is more comfortable to use different
serials there.

Change-Id: I0773d73e4cf392c7a5b7b1c400844b30171a9ebf

2 years agochg: format show history link
INOPIAE [Sun, 10 Dec 2017 11:59:58 +0000 (12:59 +0100)]
chg: format show history link

Change-Id: I121af08191c13978781854ce3c873dd95c1516ca

2 years agochg: move email and domain to verification menu
INOPIAE [Sat, 9 Dec 2017 13:29:06 +0000 (14:29 +0100)]
chg: move email and domain to verification menu

Change-Id: I2f1b08c0ba6d0500efcc7f04d54433900afeb8b3

2 years agochg: adjust wording to have a consequent wording over all pages
INOPIAE [Sat, 9 Dec 2017 06:35:29 +0000 (07:35 +0100)]
chg: adjust wording to have a consequent wording over all pages
displayed to the user

Change-Id: Ie38a6b517a266790f0dc0fc80c5fa0561fe6925c

2 years agoupd: clean output of Test-Manager Pinger-Forwarding
Felix Dörre [Fri, 1 Dec 2017 22:01:48 +0000 (23:01 +0100)]
upd: clean output of Test-Manager Pinger-Forwarding

Change-Id: I6c19430bbe09ede13ca90d070f2309ce23a6f547

2 years agofix: clean up "SECURE_REFERENCE"-Page
Felix Dörre [Fri, 1 Dec 2017 15:19:45 +0000 (16:19 +0100)]
fix: clean up "SECURE_REFERENCE"-Page

Change-Id: I866cb02ae3c8206c29dba980fc35f01f4c527585

3 years agochg: get wording to be the same as in Signup.java
INOPIAE [Tue, 14 Nov 2017 20:53:40 +0000 (21:53 +0100)]
chg: get wording to be the same as in Signup.java

Change-Id: I88b6a9aaa4108120074b8551960f0841c141054b

3 years agofix: create config variables for email addresses
INOPIAE [Tue, 14 Nov 2017 20:18:36 +0000 (21:18 +0100)]
fix: create config variables for email addresses

fixes issue #74

Change-Id: I9761e4c27fd92365cb647b9be8f954c4c02ffba2

3 years agoMerge "chg: improve information about password strength"
Felix Dörre [Tue, 14 Nov 2017 18:24:12 +0000 (19:24 +0100)]
Merge "chg: improve information about password strength"

3 years agoMerge "upd: get default variables into outputables for error messages"
Benny Baumann [Sat, 11 Nov 2017 13:56:01 +0000 (14:56 +0100)]
Merge "upd: get default variables into outputables for error messages"

3 years agoMerge "chg: wording on root cert page"
Benny Baumann [Sat, 11 Nov 2017 12:48:14 +0000 (13:48 +0100)]
Merge "chg: wording on root cert page"

3 years agoMerge changes Icf0b8af5,I2f8a5077
Benny Baumann [Sat, 11 Nov 2017 12:38:57 +0000 (13:38 +0100)]
Merge changes Icf0b8af5,I2f8a5077

* changes:
  add: table to store certificate logs
  chg: manage more resources explicitly

3 years agochg: improve information about password strength
INOPIAE [Wed, 11 Oct 2017 06:29:26 +0000 (08:29 +0200)]
chg: improve information about password strength

Change-Id: Ib9ef93fd4961df8bbc6bd667af8d1e0b5f49d602

3 years agoupd: get default variables into outputables for error messages
Felix Dörre [Wed, 11 Oct 2017 11:29:00 +0000 (13:29 +0200)]
upd: get default variables into outputables for error messages

Change-Id: I01c09aa503158d8cdbcfb3e15b03b61e9ac29d21

3 years agochg: wording on root cert page
INOPIAE [Thu, 9 Nov 2017 18:01:05 +0000 (19:01 +0100)]
chg: wording on root cert page

Change-Id: Ic05ec9747487bb1102e82e81e7d952f505a1c19e

3 years agoadd: table to store certificate logs
Felix Dörre [Mon, 6 Nov 2017 21:00:58 +0000 (22:00 +0100)]
add: table to store certificate logs

Change-Id: Icf0b8af5b7c40264acdf0d08f395f5f235962dfc

3 years agochg: manage more resources explicitly
Felix Dörre [Tue, 7 Nov 2017 20:06:55 +0000 (21:06 +0100)]
chg: manage more resources explicitly

When a constructor that gets a resource fails, it might prevent the
resource from being closed. By giving the resource explicitly to the
try-with-resources, this is prevented.

Change-Id: I2f8a50773de71f699c00729b51048892a44033e6

3 years agochg: use GCD of pre-multiplied list of primes to check for known factors
Benny Baumann [Tue, 7 Nov 2017 20:20:05 +0000 (21:20 +0100)]
chg: use GCD of pre-multiplied list of primes to check for known factors

Change-Id: Iae10d67814bed36a8864cccf4d7e33ad3dbefeab

3 years agoMerge changes I46ae11f8,I6d71e70e,Ie19e3229
Benny Baumann [Tue, 7 Nov 2017 19:55:40 +0000 (20:55 +0100)]
Merge changes I46ae11f8,I6d71e70e,Ie19e3229

* changes:
  chg: remove csr_name and crt_name columns from certs
  chg: use certificate attachment to store CRT and CSR files
  add: text-attachments for certificates

3 years agoMerge "add: show more certificates on the "roots" page"
Lucas Werkmeister [Tue, 7 Nov 2017 19:36:37 +0000 (20:36 +0100)]
Merge "add: show more certificates on the "roots" page"

3 years agochg: remove csr_name and crt_name columns from certs
Felix Dörre [Sat, 4 Nov 2017 23:25:22 +0000 (00:25 +0100)]
chg: remove csr_name and crt_name columns from certs

Change-Id: I46ae11f8a158547f4b1c1e1ddf062f6016e36af0

3 years agochg: use certificate attachment to store CRT and CSR files
Felix Dörre [Sat, 4 Nov 2017 23:04:39 +0000 (00:04 +0100)]
chg: use certificate attachment to store CRT and CSR files

Note: requires an updated version of cassiopeia

Change-Id: I6d71e70ec84a95a0323ab945e69bc6e29c332a81

3 years agoadd: text-attachments for certificates
Felix Dörre [Sat, 4 Nov 2017 22:50:45 +0000 (23:50 +0100)]
add: text-attachments for certificates

Change-Id: Ie19e3229557f829f4c6ec9617daa34f3238b1e85

3 years agoadd: functionality check for rejection of broken keys
Benny Baumann [Thu, 2 Nov 2017 23:05:44 +0000 (00:05 +0100)]
add: functionality check for rejection of broken keys

Change-Id: Ic7b3ef5515af2417057d04855b249a60e08f9cf8

3 years agoMerge changes Iabf8ec0b,Ia60382fc,I84138914,If8bc2638,Ia7813913
Benny Baumann [Thu, 2 Nov 2017 23:10:40 +0000 (00:10 +0100)]
Merge changes Iabf8ec0b,Ia60382fc,I84138914,If8bc2638,Ia7813913

* changes:
  add: check for keys using acceptable algorithms
  chg: update debian/copyright file based on upstream spec
  add: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability
  add: public key check searching for small primes (less than 10k)
  add: initial class for performing arbitrary checks to validate public keys

3 years agoadd: check for keys using acceptable algorithms
Benny Baumann [Fri, 27 Oct 2017 17:40:44 +0000 (19:40 +0200)]
add: check for keys using acceptable algorithms

Change-Id: Iabf8ec0bc22ff4b117073ad0d068409bbf00040e

3 years agochg: update debian/copyright file based on upstream spec
Benny Baumann [Thu, 26 Oct 2017 20:47:33 +0000 (22:47 +0200)]
chg: update debian/copyright file based on upstream spec

Change-Id: Ia60382fc3b516543418bcafb9af34fee181eac89

3 years agoadd: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability
Benny Baumann [Wed, 18 Oct 2017 23:31:23 +0000 (01:31 +0200)]
add: public key check testing for ROCA (Return of Coppersmith Attack) vulnerability

Check based on code from https://github.com/crocs-muni/roca/blob/master/java/BrokenKey.java

Change-Id: I84138914ad944fcc089f50cc8d84dbcd38723ff8

3 years agoadd: public key check searching for small primes (less than 10k)
Benny Baumann [Wed, 18 Oct 2017 23:28:46 +0000 (01:28 +0200)]
add: public key check searching for small primes (less than 10k)

Change-Id: If8bc26381bb2e8f4f267cfd211f1154bcb3a7d65

3 years agoadd: initial class for performing arbitrary checks to validate public keys
Benny Baumann [Wed, 18 Oct 2017 23:25:59 +0000 (01:25 +0200)]
add: initial class for performing arbitrary checks to validate public keys

Change-Id: Ia7813913b1f5922747ddba4af9a21e4fbaf07c9e

3 years agoupd: enforce that test cases receive all mails explicitly
Felix Dörre [Sat, 28 Oct 2017 06:44:39 +0000 (08:44 +0200)]
upd: enforce that test cases receive all mails explicitly

Change-Id: I7a9335f13b125d473f6f12bd05d3f2da6d535785

3 years agofix: more spontaneous failing test cases
Felix Dörre [Thu, 26 Oct 2017 22:05:16 +0000 (00:05 +0200)]
fix: more spontaneous failing test cases

Change-Id: I5bd3df024d647ca7793bc895f866c60aa6d9d55c

3 years agoadd: show more certificates on the "roots" page
Felix Dörre [Sun, 8 Oct 2017 15:22:05 +0000 (17:22 +0200)]
add: show more certificates on the "roots" page

Change-Id: I2a2acbba4636bc54b93d4f3022543a66a296ec6c

3 years agoadd: message while reporting private key compromise
Felix Dörre [Fri, 25 Aug 2017 22:52:48 +0000 (00:52 +0200)]
add: message while reporting private key compromise

Change-Id: I164ed07804c65e9e9396166d61e3cba645ae308e

3 years agoadd: process to report compromised certificates
Felix Dörre [Sat, 29 Jul 2017 21:12:54 +0000 (23:12 +0200)]
add: process to report compromised certificates

Change-Id: I0f124a48ea18740d19fc413dd99b9a69bd1eb33e

3 years agoadd: key-compromise revocation
Felix Dörre [Fri, 25 Aug 2017 14:45:55 +0000 (16:45 +0200)]
add: key-compromise revocation

Change-Id: If52127f976f6a0238ed4ec3673b848f1aba0181a

3 years agoupd: modifications in jenkins job to use newest NRE
Felix Dörre [Thu, 5 Oct 2017 16:58:29 +0000 (18:58 +0200)]
upd: modifications in jenkins job to use newest NRE

Change-Id: I938cd266ffaa371194f9dbbd1802fab357df59e0

3 years agoupd: enhance "generateTruststoreNRE"-script to generate gigi-keys
Felix Dörre [Thu, 5 Oct 2017 16:43:15 +0000 (18:43 +0200)]
upd: enhance "generateTruststoreNRE"-script to generate gigi-keys

... for development

Change-Id: I1ebb0c157fb6bcca8a83e27037b9f26c7d707019