Changelog of @hackage/x509-ocsp 0.4.0.1

0.4.0.1

  • Ensure that the list of certificates in the OCSP response comprises the correct ASN.1 sequence.
  • Refactor function getOCSPResponseVerificationData'.

0.4.0.0

  • Field ocspRespCerts of OCSPResponseVerificationData now contains a list of signed certificates augmented by DER-encoded tbsCertificate as defined in rfc5280. This enables check of the OCSP Signature Authority Delegation. See a basic implementation of the check in the client-ocsp example.

0.3.1.0

  • Add function getOCSPResponseVerificationData' which is similar to getOCSPResponseVerificationData except it accepts the OCSP response payload in ASN.1 format. See how it can be used in the client-ocsp example.

0.3.0.0

  • Add function getOCSPResponseVerificationData to help verify the signature of the OCSP response. See how it can be used in the client-ocsp example.

0.2.0.0

  • Breaking changes: flip the order of arguments in encodeOCSPRequestASN1 and encodeOCSPRequest (the new order is cert → issuerCert).
  • Various improvements in the client-ocsp example.

0.1.1.0

  • Improvements in module Data.X509.AIA.
    • Throw an error when trying to encode CA Issuers data as this is not implemented.
    • Allow decoding of all variants of string-like accessLocation data.
    • List limitations of the module in the documentation.

0.1.0.0

  • Initial version.