Tandem/certspotter
2
0
Fork 0
mirror of https://github.com/SSLMate/certspotter.git synced 2025-06-27 10:15:33 +02:00
Code Issues Packages Projects Releases Wiki Activity
368 Commits 1 Branch 23 Tags
Commit Graph

368 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrew Ayer
56dec6a1a5 Start monitoring Nimbus logs 2018-03-25 12:30:26 -07:00
Andrew Ayer
7c6da49708 Stop monitoring Argon 2017 
It's no longer 2017 and this log was never accepted by Chrome anyways.
 2018-03-25 12:28:44 -07:00
Andrew Ayer
bc255f43d5 Add functions to verify SCTs 2017-12-17 09:51:46 -08:00
Andrew Ayer
bf676f06be Add JSON tags to SignedCertificateTimestamp 2017-12-16 10:13:25 -08:00
Andrew Ayer
ab16995f56 Release 0.8 0.8 2017-12-08 13:02:59 -08:00
Andrew Ayer
dd7e3a126d Add DigiCert 2 log 2017-12-08 13:02:59 -08:00
Andrew Ayer
4268566999 Add Symantec Sirius log 2017-12-08 13:00:24 -08:00
Andrew Ayer
e96ccbab62 Release 0.7 0.7 2017-11-13 15:10:30 -08:00
Andrew Ayer
e546f123f5 Add Google Argon logs 2017-11-11 15:24:03 -08:00
Andrew Ayer
822a03f365 Track log certificate expiry range 2017-11-11 15:23:56 -08:00
Andrew Ayer
41ca1aaab8 Avoid unaligned atomic access on 32 bit platforms 
Closes #23
 2017-11-06 13:33:02 -08:00
Andrew Ayer
a26bf3e300 Release 0.6 0.6 2017-10-19 12:51:28 -07:00
Andrew Ayer
7283e51420 Disable TLS certificate validation when communicating with log 
See the source code comments for an explanation for why this is both
necessary and not insecure.
 2017-10-19 12:51:28 -07:00
Andrew Ayer
1a6ed13fd6 Add Comodo Mammoth and Comodo Sabre 
Trusted as of Chrome 60.
 2017-10-19 12:51:28 -07:00
Andrew Ayer
709aa01308 Add Comodo Dodo to the openLogs list 2017-10-17 17:24:59 -07:00
Andrew Ayer
8b2664b474 Release 0.5 0.5 2017-05-18 10:04:18 -07:00
Andrew Ayer
62cbba12a3 Remove PuChuangSiDa log 
They've flown the coop and will likely be removed from Chrome.
 2017-05-13 09:52:19 -07:00
Andrew Ayer
3df9fb4e73 Add Venafi Gen2 log 
It's not qualified by Chrome yet, but it is accumulating so many entries
already that I think it's good to get a head start on monitoring it.
 2017-04-29 13:02:58 -07:00
Andrew Ayer
1814cb87e5 Return additional info about pre-cert from ValidatePrecert 2017-04-27 10:48:48 -07:00
Andrew Ayer
06c253a0ea Continue processing a log even if an STH failed to verify 
It may still be possible to audit other STHs, and to scan new entries
up to the latest verified STH.  This allows Cert Spotter to continue
to make forward progress even if a log is persistently skewed (as the
DigiCert has been lately).

Also, rework some code to be simpler and less redundant.
 2017-04-27 10:48:48 -07:00
Alex Gaynor
1f8751aba5 Update the date for Chromium mandatory CT 2017-04-23 14:19:09 -04:00
Andrew Ayer
5d9fa9dfd9 Release 0.4 0.4 2017-04-03 15:30:53 -07:00
Andrew Ayer
e1dd1f25bf Remove Venafi log, which forked and will be removed from Chrome 
https://groups.google.com/a/chromium.org/forum/#!topic/ct-policy/KMAcNT3asTQ
 2017-03-20 11:36:57 -07:00
Andrew Ayer
583aebe9ab Add PuChuangSiDa 1 log 
It is scheduled for inclusion in Chrome:

https://bugs.chromium.org/p/chromium/issues/detail?id=667663
 2017-03-20 11:35:12 -07:00
Andrew Ayer
fa81965dee Remove log ID comments from logs.go 2017-03-20 11:33:11 -07:00
Andrew Ayer
b051332b1d Release 0.3 0.3 2017-02-20 13:13:09 -08:00
Andrew Ayer
8b9c08b984 submitct: apply gofmt 2017-02-05 10:09:42 -08:00
Andrew Ayer
732a660767 submitct: reorganize code 2017-02-05 10:09:19 -08:00
Andrew Ayer
b94d850dbe submitct: use maps for efficiency 
This will make submitct work better with lots of certificates as input.
 2017-02-05 10:07:30 -08:00
Andrew Ayer
74ffda2dc6 x509: factor out ParseRDNSequence 2017-02-05 10:04:43 -08:00
Andrew Ayer
779230cbc8 submitct: include cert index in log entries 2017-02-04 16:09:56 -08:00
Andrew Ayer
e7a9ba6e7d Add submitct program for submitting certs 2017-02-04 16:05:51 -08:00
Andrew Ayer
8846cbcbd9 Add OpenLogs array, for logs with open submission policies 2017-02-04 16:04:00 -08:00
Andrew Ayer
b6f99bad2c logclient: add support for add-chain request 2017-02-04 16:03:48 -08:00
Andrew Ayer
fecfeb033d logclient: add support for POST requests 2017-02-04 16:03:35 -08:00
Andrew Ayer
13b064878b Update NEWS file 2017-01-10 11:25:02 -08:00
Andrew Ayer
e8c4f10e97 Use a lock file to prevent certspotter from running concurrently 2017-01-10 10:50:41 -08:00
Andrew Ayer
2f0833ac9c Apply gofmt 2017-01-08 10:17:00 -08:00
Andrew Ayer
9f3e9968ec Rename verified_sth.json to just sth.json 2017-01-08 10:15:41 -08:00
Andrew Ayer
7adbc6cffe Add .json extension to log state filenames 
Since they are JSON.
 2017-01-08 10:14:44 -08:00
Andrew Ayer
b88de6b320 Rename "position" to "tree" in log state 2017-01-06 14:49:42 -08:00
Andrew Ayer
9c3e697231 CollapsedMerkleTree: rename stack to nodes 2017-01-06 14:43:20 -08:00
Andrew Ayer
671814cd9b CollapsedMerkleTree: rename numLeaves to size 2017-01-06 14:41:51 -08:00
Andrew Ayer
9ceedea9ef Rename MerkleTreeBuilder to CollapsedMerkleTree 2017-01-06 14:39:08 -08:00
Andrew Ayer
cf742c121e Update NEWS file 2017-01-06 13:36:56 -08:00
Andrew Ayer
d8b1877e8d Improve filenames of unverified STHs 
Include the tree size in plain decimal, since it's more user-friendly.

Don't include tree size in hash (redundant now that we're storing it
outside of hash) or version (implied by signature).
 2017-01-06 12:51:10 -08:00
Andrew Ayer
1719aa5d8e Set log ID in STHs that we download 
This will facilitate STH pollination.
 2017-01-06 12:50:21 -08:00
Andrew Ayer
0eb6d199a4 Improve the name of a function 2017-01-06 12:24:09 -08:00
Andrew Ayer
c8f0a0f9e8 Only write once file if run was 100% successful 
Otherwise, if a single log was unreachable, we'd be force to download
all of it on the next run.
 2017-01-06 12:23:20 -08:00
Andrew Ayer
0d9b81ecc8 Tweak logic for storing tree position 2017-01-06 12:19:53 -08:00