Brian Smith
|
566e222bca
|
Bug 1117003 - Backout cset ca3c73188295 (Bug 1115903, Part 2), r=ehsan
|
2015-01-02 12:26:14 -08:00 |
Brian Smith
|
ff754b5ae0
|
Bug 1115903, Part 2: Delete most defaulted assignment operators and some defaulted copy constructors, r=jcj
--HG--
extra : rebase_source : 6c8575de36355521baf69bba89eba530cd4e8b09
|
2014-12-26 23:49:47 -08:00 |
Brian Smith
|
a5f0730d19
|
Bug 1035414, Part 2: Always check subject's issuer matches issuer's subject, r=jcj
--HG--
extra : rebase_source : a75eca6ed909fa4f241b1a736656b7e8c99eb3ea
|
2014-12-26 10:13:18 -08:00 |
David Keeler
|
42cd9ec5ca
|
bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith
|
2014-10-07 09:35:42 -07:00 |
David Keeler
|
71bd008415
|
backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE
|
2014-10-08 12:10:46 -07:00 |
David Keeler
|
5606be5b15
|
bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith
|
2014-10-07 09:35:42 -07:00 |
Brian Smith
|
864c184e30
|
bug 1045739 - (1/2) mozilla::pkix: stop checking revocation for expired certificates r=keeler
|
2014-08-14 12:02:55 -07:00 |
David Keeler
|
fd860abf57
|
bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
|
2014-09-25 11:18:56 -07:00 |
Brian Smith
|
9c4276d25b
|
Bug 1048070, Part 2: Remove uses of PR_NOT_REACHED and PR_ARRAY_SIZE in mozilla::pkix, r=keeeler
--HG--
extra : rebase_source : d373a7526c1048770bed8bacb7e14c8f10e832cb
|
2014-08-03 18:24:35 -07:00 |
Brian Smith
|
3f64294312
|
Bug 1048070, Part 1: Replace uses of PR_ASSERT in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 3f1dbb4babb6d575bde3088c92aeb6f28d689210
|
2014-08-02 09:17:59 -07:00 |
Brian Smith
|
0ccaf0860c
|
Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
--HG--
extra : rebase_source : 2cc39d3c322c1355aad003f2497659a091febac2
|
2014-08-02 08:49:12 -07:00 |
Brian Smith
|
de725ae5ef
|
Bug 1047792: Rely on mozilla::pkix to filter out expired certs instead of CERT_CreateSubjectCertList, r=keeler
--HG--
extra : rebase_source : 5182147037b69f0ac3c3cd060d6e2af71bfde2e7
|
2014-08-01 23:16:21 -07:00 |
Brian Smith
|
d77dac0580
|
Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler
--HG--
extra : rebase_source : bf57a9eb6ae5c122912e00a47156010e5ea99478
|
2014-07-31 12:17:31 -07:00 |
Brian Smith
|
ffe743ee06
|
Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 0f4a33f2c66594930ba9c79233648c70e33ba27c
|
2014-07-18 22:30:51 -07:00 |
Brian Smith
|
5f56fc60d6
|
Bug 1041343: Use references instead of pointers for TrustLevel output parameters, r=cviecco
--HG--
extra : rebase_source : d5c07dc29a95ccb75a7a8f199de26d43950b9ed4
|
2014-07-20 11:06:26 -07:00 |
Brian Smith
|
c45dc156d1
|
Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler
--HG--
extra : rebase_source : 4f3e41916cd7e2c74679d468eeeb702af3321532
|
2014-07-18 11:48:49 -07:00 |
Cykesiopka
|
0289b45f0c
|
Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith
|
2014-07-15 19:49:00 -04:00 |
Brian Smith
|
b14f27897b
|
Bug 1037324: Delegate additional name constraint selection to the TrustDomain in mozilla::pkix, r=cviecco
--HG--
extra : rebase_source : 300f33bfb3a0c9ae1525695b080674c1fb21eafc
|
2014-07-10 22:38:59 -07:00 |
Brian Smith
|
94e53dc0be
|
Bug 1035942: Decide whether to consider end-entity CN as a dnsName in CheckNameConstraints instead of in BuildCertChain, r=cviecco
--HG--
extra : rebase_source : 19c5949253e4e631b0bd841f17f000885001b327
extra : histedit_source : dce57eb862a2a13d07d11fdf6917afcf6cb4136c
|
2014-07-08 13:04:17 -07:00 |
Brian Smith
|
3f110246be
|
Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc
extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605
|
2014-07-06 15:55:38 -07:00 |
Brian Smith
|
783ead1861
|
Bug 1034636: Remove mozilla::pkix::ScopedCERTCertifciate and mozilla::pkix::ScopedPLArenaPool, r=mmc
--HG--
extra : rebase_source : 68e6da2f1e1c7fa678ef4cc81d23cc6298709108
extra : histedit_source : feba4c589dbf004ee50e2dea1fca0809f8f97674
|
2014-07-03 21:49:56 -07:00 |
Brian Smith
|
f5ec8594e7
|
Bug 1033563, Part 3: Change mozilla::pkix::TrustDomain::FindPotentialIssuers API to be iterator-like, r=keeler
--HG--
extra : rebase_source : e8c734ecb2de2c52dd8909c8b48f4bdb09d0128e
|
2014-07-02 16:15:16 -07:00 |
Brian Smith
|
4c63d2fa78
|
Bug 1033563, Part 2: Convert mozilla::pkix::BuildForwardInner into an iterator-type thing, r=keeler
--HG--
extra : rebase_source : 175e308191441035db4f3eed4a855205bab1a3f3
|
2014-07-02 15:03:58 -07:00 |
Brian Smith
|
172778c87b
|
Bug 1033563, Part 1: Move revocation checking code from mozilla::pkix::BuildForward to BuildForwardInner, r=keeler
--HG--
extra : rebase_source : 0f11eb64ffb00d953c39d81f4877067bd173eadd
|
2014-07-02 12:21:41 -07:00 |
Brian Smith
|
89e560be23
|
Bug 1029247, Part 2: Parse certificates using mozilla::pkix::der, r=keeler
--HG--
extra : rebase_source : e093922497d005734c590a59f175993a7715bce8
|
2014-07-03 16:59:42 -07:00 |
Brian Smith
|
4fdd6599dc
|
Bug 1032947: Change CheckNameConstraints to construct CERTCertificate instances when needed, r=keeler
--HG--
extra : rebase_source : d0bf802f4ff3fe9900ed7444c046617aa27faea9
|
2014-06-26 14:22:20 -07:00 |
Wes Kocher
|
ea7141a1d8
|
Backed out changeset f97578949399 (bug 1032947)
|
2014-07-01 17:43:33 -07:00 |
Brian Smith
|
cd8fb3a537
|
Bug 1032947: Change CheckNameConstraints to construct CERTCertificate instances when needed, r=keeler
--HG--
extra : rebase_source : 64bd4c390f708213242e0d4987b7117b0049d02a
|
2014-06-26 14:22:20 -07:00 |
Brian Smith
|
fcdcfb823b
|
Bug 1031022: Go back to accepting explicit encoding of v1 for certificates and OCSP responses, r=cviecco
--HG--
extra : rebase_source : f0adf63879a48db6c036cce1a3e9a7b65e44fc4e
|
2014-06-26 17:03:48 -07:00 |
Brian Smith
|
73c952f2fb
|
Bug 1029364: Centralize version parsing in BackCert::Init, r=cviecco
--HG--
extra : rebase_source : 7e91710ed7cd6e68875c2d26f0b503835968e1f2
extra : histedit_source : e07446cad5edbf6cbb048304bc2b2af4395410db
|
2014-06-25 01:32:06 -07:00 |
Carsten "Tomcat" Book
|
ec63c69c72
|
Backed out changeset 4f21e9bc729a (bug 1029364) for B2G Device and Emulator Bustage on a CLOSED TREE
|
2014-06-25 10:01:17 +02:00 |
Brian Smith
|
f9aac2f45e
|
Bug 1029364: Centralize version parsing in BackCert::Init, r=cviecco
--HG--
extra : rebase_source : 79d5f29c2af1ec77d6bb8a7936bb0a17f28e8d52
|
2014-06-19 16:17:28 -07:00 |
Brian Smith
|
ca4f473450
|
Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler
--HG--
extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418
|
2014-06-20 10:10:51 -07:00 |
Brian Smith
|
b76e937c55
|
Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler
--HG--
extra : rebase_source : e445c913994dc027e1179543d7b6cab2505e734d
|
2014-06-19 00:13:20 -07:00 |
David Keeler
|
8bf1ded425
|
bug 1020993 - properly handle unknown critical extensions in BackCert::Init r=briansmith
|
2014-06-09 13:57:44 -07:00 |
Brian Smith
|
e0cd7eb210
|
Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco
--HG--
extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f
|
2014-06-04 01:28:44 -07:00 |
Brian Smith
|
f9aa591c9a
|
Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261
|
2014-06-04 00:03:28 -07:00 |
Brian Smith
|
67bd0799fb
|
Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
|
2014-06-05 15:18:32 -07:00 |
Brian Smith
|
d7a28e81d0
|
Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco
--HG--
extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb
|
2014-05-31 16:32:58 -07:00 |
Brian Smith
|
151ad4b5a6
|
Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco
--HG--
extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0
|
2014-05-31 16:55:54 -07:00 |
Brian Smith
|
2912321bc5
|
Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
|
2014-05-15 18:59:52 -07:00 |
Brian Smith
|
077fb4cfcf
|
Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
|
2014-05-14 01:02:34 -07:00 |
Gervase Markham
|
a28ceb8833
|
Bug 1007195 - Change licensing on mozilla::pkix to dual Apache 2/MPL 2. r=briansmith.
|
2014-05-14 14:37:25 +01:00 |
Brian Smith
|
9ae1a34e11
|
Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
|
2014-04-25 16:29:26 -07:00 |
Camilo Viecco
|
a54a4f05cf
|
Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
|
2014-02-05 14:49:10 -08:00 |
Brian Smith
|
8c0e54d6a8
|
Bug 1000544: Use "Fail(x, y)" instead of "PR_SetError(y, 0); return x;" more consistently, r=mmc
--HG--
extra : rebase_source : 96addac738b8ffe39c7a92d546388d5f13fc2340
|
2014-04-23 14:13:32 -07:00 |
Brian Smith
|
bd4b0a0668
|
Bug 1000482: Remove unused stapledOCSPResponse parmaeter from BuildForwardInner, r=mmc, r=keeler
--HG--
extra : rebase_source : b5d67d3488aa3df5690a7dd2b76495ac4986a723
|
2014-04-23 13:42:38 -07:00 |
David Keeler
|
281f1bd79b
|
bug 990603 - mozilla::pkix: defer reporting end-entity cert errors until after path building r=briansmith
|
2014-04-08 09:49:36 -07:00 |
Camilo Viecco
|
95b0ba15e7
|
Bug 986156 - Allow anypolicyoid and reject on inhibitAnypolicy (mozilla::pkix). r=bsmith
--HG--
extra : rebase_source : dd61d4bfa64ed65582f3a1b4662f16740983a3ce
|
2014-03-28 10:00:29 -07:00 |
Camilo Viecco
|
0b1f14ef5a
|
Bug 969188 - Part 2/3 - mozilla::pkix only decode v3 extensions in v3 certificates. r=briansmith
--HG--
extra : rebase_source : 86e58ccf8538d0f40d3b24b89a92dceac095cb21
|
2014-03-06 10:04:04 -08:00 |