Dana Keeler
6110b2c67a
bug 1515608 - allow end-entity certificates to be trust anchors for compatibility r=jcj
...
Differential Revision: https://phabricator.services.mozilla.com/D23240
--HG--
extra : moz-landing-system : lando
2019-03-18 20:01:02 +00:00
Mike Hommey
ef3ad686ee
Bug 1512504 - Remove support for MSVC. r=froydnj
...
Consequently, this removes:
- MOZ_LIBPRIO, which is now always enabled.
- non_msvc_compiler, which is now always true.
- The cl.py wrapper, since it's not used anymore.
- CL_INCLUDES_PREFIX, which was only used for the cl.py wrapper.
- NONASCII, which was only there to ensure CL_INCLUDES_PREFIX still
worked in non-ASCII cases.
This however keeps a large part of detecting and configuring for MSVC,
because we still do need it for at least headers, libraries, and midl.
Depends on D19614
Differential Revision: https://phabricator.services.mozilla.com/D19615
--HG--
extra : moz-landing-system : lando
2019-02-14 21:45:27 +00:00
Sylvestre Ledru
265e672179
Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
...
# ignore-this-changeset
--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
Dana Keeler
b8286de46c
Bug 1503348 - (3/3) - add support for decoding and verifying Signed Tree Head Data V2 r=jcj
...
Differential Revision: https://phabricator.services.mozilla.com/D11812
--HG--
rename : security/ct/BTInclusionProof.h => security/ct/BTTypes.h
extra : moz-landing-system : lando
2018-11-27 19:51:56 +00:00
Dana Keeler
215f63820a
Bug 1503348 - (2/3) - fix up DecodeInclusionProof to take an Input rather than a Reader r=jcj
...
DecodeInclusionProof as originally implemented used the wrong convention - its
input argument should have always been an Input rather than a Reader.
Differential Revision: https://phabricator.services.mozilla.com/D11811
--HG--
extra : moz-landing-system : lando
2018-11-27 18:58:11 +00:00
Dana Keeler
dfade002b8
Bug 1503348 - (1/3) remove obsolete SignedTreeHead definitions and tests r=jcj
...
The original implementation of Certificate Transparency included a definition
for the first version of the Signed Tree Head data structure but it was never
actually used. Now that we're implementing Binary Transparency, we need to
implement support for Signed Tree Head V2. Because the focus and approach are
different, the first step is to remove the original implementation.
Differential Revision: https://phabricator.services.mozilla.com/D11810
--HG--
extra : moz-landing-system : lando
2018-11-27 18:58:07 +00:00
Dana Keeler
a11a0d5952
bug 1343927 - add utility function to verify binary transparency inclusion proofs r=franziskus,jcj
...
Differential Revision: https://phabricator.services.mozilla.com/D7669
--HG--
extra : moz-landing-system : lando
2018-10-08 20:37:20 +00:00
Franziskus Kiefer
a52a8495f9
Bug 1479787
- use NSS mozpkix in Firefox, r=mt,keeler,glandium
...
Differential Revision: https://phabricator.services.mozilla.com/D2725
Differential Revision: https://phabricator.services.mozilla.com/D2860
--HG--
extra : rebase_source : 189c13c2a3104c106fcabad5998af6cb2e20d4a5
2018-10-02 14:59:34 +02:00
Dana Keeler
0c4b612622
Bug 1493788 - remove other mozilla-specific dependencies from certificate transparency implementation r=jcj
...
This patch removes the remaining mozilla-specific dependencies from the
certificate transparency implementation.
Depends on D6845
Differential Revision: https://phabricator.services.mozilla.com/D6846
--HG--
extra : moz-landing-system : lando
2018-10-01 16:20:57 +00:00
Dana Keeler
1661adeb86
Bug 1493788 - convert mozilla::Vector to std::vector in certificate transparency implementation r=jcj
...
In order to make our certificate transparency implementation standalone, we
have to remove mozilla-specific dependencies such as mozilla::Vector.
Depends on D6844
Differential Revision: https://phabricator.services.mozilla.com/D6845
--HG--
extra : moz-landing-system : lando
2018-10-01 20:27:13 +00:00
Dana Keeler
24a8ad1851
Bug 1493788 - move certificate/binary transparency implementation to its own directory r=jcj
...
Our current certificate transparency implementation (and the start of the binary
transparency implementation) can almost be used by itself as a standalone
library (for comparison, mozilla::pkix already has this property, as evidenced
by the "Library('mozillapkix')" line in security/pkix/moz.build and the
"'mozillapkix'" line in the USE_LIBS section of
security/manager/ssl/tests/unit/tlsserver/cmd/moz.build).
These changes make this code re-usable as a library so that we'll be able to use
it in the updater to verify binary/certificate transparency information.
This first patch simply moves the code to its own directory.
Differential Revision: https://phabricator.services.mozilla.com/D6844
--HG--
rename : security/certverifier/BTInclusionProof.h => security/ct/BTInclusionProof.h
rename : security/certverifier/BTVerifier.cpp => security/ct/BTVerifier.cpp
rename : security/certverifier/BTVerifier.h => security/ct/BTVerifier.h
rename : security/certverifier/Buffer.cpp => security/ct/Buffer.cpp
rename : security/certverifier/Buffer.h => security/ct/Buffer.h
rename : security/certverifier/CTDiversityPolicy.cpp => security/ct/CTDiversityPolicy.cpp
rename : security/certverifier/CTDiversityPolicy.h => security/ct/CTDiversityPolicy.h
rename : security/certverifier/CTKnownLogs.h => security/ct/CTKnownLogs.h
rename : security/certverifier/CTLog.h => security/ct/CTLog.h
rename : security/certverifier/CTLogVerifier.cpp => security/ct/CTLogVerifier.cpp
rename : security/certverifier/CTLogVerifier.h => security/ct/CTLogVerifier.h
rename : security/certverifier/CTObjectsExtractor.cpp => security/ct/CTObjectsExtractor.cpp
rename : security/certverifier/CTObjectsExtractor.h => security/ct/CTObjectsExtractor.h
rename : security/certverifier/CTPolicyEnforcer.cpp => security/ct/CTPolicyEnforcer.cpp
rename : security/certverifier/CTPolicyEnforcer.h => security/ct/CTPolicyEnforcer.h
rename : security/certverifier/CTSerialization.cpp => security/ct/CTSerialization.cpp
rename : security/certverifier/CTSerialization.h => security/ct/CTSerialization.h
rename : security/certverifier/CTUtils.h => security/ct/CTUtils.h
rename : security/certverifier/CTVerifyResult.cpp => security/ct/CTVerifyResult.cpp
rename : security/certverifier/CTVerifyResult.h => security/ct/CTVerifyResult.h
rename : security/certverifier/MultiLogCTVerifier.cpp => security/ct/MultiLogCTVerifier.cpp
rename : security/certverifier/MultiLogCTVerifier.h => security/ct/MultiLogCTVerifier.h
rename : security/certverifier/SignedCertificateTimestamp.cpp => security/ct/SignedCertificateTimestamp.cpp
rename : security/certverifier/SignedCertificateTimestamp.h => security/ct/SignedCertificateTimestamp.h
rename : security/certverifier/SignedTreeHead.h => security/ct/SignedTreeHead.h
rename : security/certverifier/moz.build => security/ct/moz.build
rename : security/certverifier/tests/gtest/BTSerializationTest.cpp => security/ct/tests/gtest/BTSerializationTest.cpp
rename : security/certverifier/tests/gtest/CTDiversityPolicyTest.cpp => security/ct/tests/gtest/CTDiversityPolicyTest.cpp
rename : security/certverifier/tests/gtest/CTLogVerifierTest.cpp => security/ct/tests/gtest/CTLogVerifierTest.cpp
rename : security/certverifier/tests/gtest/CTObjectsExtractorTest.cpp => security/ct/tests/gtest/CTObjectsExtractorTest.cpp
rename : security/certverifier/tests/gtest/CTPolicyEnforcerTest.cpp => security/ct/tests/gtest/CTPolicyEnforcerTest.cpp
rename : security/certverifier/tests/gtest/CTSerializationTest.cpp => security/ct/tests/gtest/CTSerializationTest.cpp
rename : security/certverifier/tests/gtest/CTTestUtils.cpp => security/ct/tests/gtest/CTTestUtils.cpp
rename : security/certverifier/tests/gtest/CTTestUtils.h => security/ct/tests/gtest/CTTestUtils.h
rename : security/certverifier/tests/gtest/MultiLogCTVerifierTest.cpp => security/ct/tests/gtest/MultiLogCTVerifierTest.cpp
rename : security/certverifier/tests/gtest/moz.build => security/ct/tests/gtest/moz.build
extra : moz-landing-system : lando
2018-10-01 16:20:41 +00:00