Skip to content

feat(OCSP): make OCSP service configurable, verify OCSP responder certificate and response signature #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 30, 2021
Merged

feat(OCSP): make OCSP service configurable, verify OCSP responder certificate and response signature #22

merged 3 commits into from
Sep 30, 2021

Conversation

mrts
Copy link
Member

@mrts mrts commented Aug 27, 2021

Refs WE2-432

@mrts mrts added this to the vNext milestone Aug 27, 2021
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 3 times, most recently from 7032d40 to b8ac529 Compare August 31, 2021 18:58
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 4 times, most recently from f6b2118 to 0f43884 Compare September 10, 2021 20:38
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 10 times, most recently from 4e4c898 to 860f1a4 Compare September 17, 2021 19:54
@web-eid web-eid deleted a comment from sonarqubecloud bot Sep 17, 2021
@web-eid web-eid deleted a comment from sonarqubecloud bot Sep 17, 2021
@web-eid web-eid deleted a comment from sonarqubecloud bot Sep 17, 2021
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch from 860f1a4 to 570af50 Compare September 18, 2021 00:35
@mrts
feat(OCSP): implement configurable designated OCSP service, verify OC…
c360a3c 
…SP responder certificate and response signature

WE2-432

Signed-off-by: Mart Somermaa <[email protected]>
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 6 times, most recently from 3738cd0 to da510b5 Compare September 23, 2021 18:41
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 6 times, most recently from 33d35d5 to a749d19 Compare September 27, 2021 21:20
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

84.1% 84.1% Coverage
0.0% 0.0% Duplication

@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 4 times, most recently from 5d2b4b5 to 4ff4fad Compare September 28, 2021 13:32
@web-eid web-eid deleted a comment from sonarqubecloud bot Sep 28, 2021
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch from 4ff4fad to 1d18775 Compare September 28, 2021 15:50
@mrts mrts requested a review from metsma September 28, 2021 16:34
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch 2 times, most recently from a93cffd to 372f0e9 Compare September 28, 2021 17:15
@mrts
refactor(OCSP): simplify AIA OCSP configuration, use single truststor…
bd3ae5e 
…e for subject and OCSP responder certificates, add trusted CA certifcates validation

WE2-432

Signed-off-by: Mart Somermaa <[email protected]>
@mrts mrts force-pushed the make-OCSP-service-configurable-and-verify-OCSP-response branch from 372f0e9 to bd3ae5e Compare September 28, 2021 17:17
@mrts
feat(OCSP): make collections immutable in AuthtokeValidationConfigura…
459b4b6 
…tion.copy() and CertificateValidator.buildTrustAnchorsFromCertificates(), reimplement AIA OCSP access location retriving from certificate with higher level AuthorityInformationAccess API
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

83.8% 83.8% Coverage
0.0% 0.0% Duplication

@mrts mrts requested a review from martinpaljak September 30, 2021 14:30
@mrts mrts merged commit d7f291c into main Sep 30, 2021
@mrts mrts deleted the make-OCSP-service-configurable-and-verify-OCSP-response branch September 30, 2021 15:33
svenzik pushed a commit that referenced this pull request May 6, 2025
@kristelmerilain
Remove bionic support (#22)
c435c0f 
IB-7398

Signed-off-by: Kristel Merilain <[email protected]>
@svenzik svenzik mentioned this pull request May 6, 2025
Merged
5 tasks
svenzik pushed a commit that referenced this pull request May 21, 2025
@kristelmerilain @svenzik
Remove bionic support (#22)
bd9576c 
IB-7398

Signed-off-by: Kristel Merilain <[email protected]>
svenzik pushed a commit that referenced this pull request May 26, 2025
@kristelmerilain @svenzik
Remove bionic support (#22)
9b4e8e5 
IB-7398

Signed-off-by: Kristel Merilain <[email protected]>
mrts pushed a commit that referenced this pull request May 26, 2025
@kristelmerilain @mrts
Remove bionic support (#22)
dafe4d7 
IB-7398

Signed-off-by: Kristel Merilain <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@metsma metsma metsma approved these changes

@martinpaljak martinpaljak Awaiting requested review from martinpaljak

+1 more reviewer

@agukasm agukasm agukasm left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v1.2.0

Development

Successfully merging this pull request may close these issues.

4 participants

@mrts @martinpaljak @metsma @agukasm