X509 updates

Description

None

Environment

None

Activity

Show:
amannb
March 31, 2014, 8:11 PM

Does this work as a short summary? I think it should be the gist of it...

Rework and move X509 certificate processing from the SSL protocol analyzer to a dedicated file analyzer. This will allow us to examine X509 certificates from sources other than SSL in the future. Furthermore, we now parse more fields and extensions from the certificates (e.g. elliptic curve information, subject alternative names, basic constraints). Certificate validation also was improved, should be easier to use and exposes information like the full verified certificate chain.
Note - this update changes the output of ssl.log, adds a new x509.log with certificate information. Furthermore all x509 events and handling functions changed.

Robin Sommer
March 31, 2014, 7:03 PM

Merged, but leaving open as CHANGES still needs an update.

Robin Sommer
March 31, 2014, 2:41 AM

Please give me some text for CHANGES and NEWS that summarize the
changes, it's tricky for me to pull that out of the commits.

amannb
March 28, 2014, 7:13 PM

Seth says the script looks, good, reassigning to Robin.

Merged

Assignee

Johanna Amann

Reporter

Robin Sommer

Labels

None

External issue ID

None

Components

Fix versions

Priority

Normal