Граф коммитов

11 Коммитов

Автор SHA1 Сообщение Дата
Dana Keeler 6110b2c67a bug 1515608 - allow end-entity certificates to be trust anchors for compatibility r=jcj
Differential Revision: https://phabricator.services.mozilla.com/D23240

--HG--
extra : moz-landing-system : lando
2019-03-18 20:01:02 +00:00
Mike Hommey ef3ad686ee Bug 1512504 - Remove support for MSVC. r=froydnj
Consequently, this removes:
- MOZ_LIBPRIO, which is now always enabled.
- non_msvc_compiler, which is now always true.
- The cl.py wrapper, since it's not used anymore.
- CL_INCLUDES_PREFIX, which was only used for the cl.py wrapper.
- NONASCII, which was only there to ensure CL_INCLUDES_PREFIX still
  worked in non-ASCII cases.

This however keeps a large part of detecting and configuring for MSVC,
because we still do need it for at least headers, libraries, and midl.

Depends on D19614

Differential Revision: https://phabricator.services.mozilla.com/D19615

--HG--
extra : moz-landing-system : lando
2019-02-14 21:45:27 +00:00
Sylvestre Ledru 265e672179 Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
# ignore-this-changeset

--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
Dana Keeler b8286de46c Bug 1503348 - (3/3) - add support for decoding and verifying Signed Tree Head Data V2 r=jcj
Differential Revision: https://phabricator.services.mozilla.com/D11812

--HG--
rename : security/ct/BTInclusionProof.h => security/ct/BTTypes.h
extra : moz-landing-system : lando
2018-11-27 19:51:56 +00:00
Dana Keeler 215f63820a Bug 1503348 - (2/3) - fix up DecodeInclusionProof to take an Input rather than a Reader r=jcj
DecodeInclusionProof as originally implemented used the wrong convention - its
input argument should have always been an Input rather than a Reader.

Differential Revision: https://phabricator.services.mozilla.com/D11811

--HG--
extra : moz-landing-system : lando
2018-11-27 18:58:11 +00:00
Dana Keeler dfade002b8 Bug 1503348 - (1/3) remove obsolete SignedTreeHead definitions and tests r=jcj
The original implementation of Certificate Transparency included a definition
for the first version of the Signed Tree Head data structure but it was never
actually used. Now that we're implementing Binary Transparency, we need to
implement support for Signed Tree Head V2. Because the focus and approach are
different, the first step is to remove the original implementation.

Differential Revision: https://phabricator.services.mozilla.com/D11810

--HG--
extra : moz-landing-system : lando
2018-11-27 18:58:07 +00:00
Dana Keeler a11a0d5952 bug 1343927 - add utility function to verify binary transparency inclusion proofs r=franziskus,jcj
Differential Revision: https://phabricator.services.mozilla.com/D7669

--HG--
extra : moz-landing-system : lando
2018-10-08 20:37:20 +00:00
Franziskus Kiefer a52a8495f9 Bug 1479787 - use NSS mozpkix in Firefox, r=mt,keeler,glandium
Differential Revision: https://phabricator.services.mozilla.com/D2725
Differential Revision: https://phabricator.services.mozilla.com/D2860

--HG--
extra : rebase_source : 189c13c2a3104c106fcabad5998af6cb2e20d4a5
2018-10-02 14:59:34 +02:00
Dana Keeler 0c4b612622 Bug 1493788 - remove other mozilla-specific dependencies from certificate transparency implementation r=jcj
This patch removes the remaining mozilla-specific dependencies from the
certificate transparency implementation.

Depends on D6845

Differential Revision: https://phabricator.services.mozilla.com/D6846

--HG--
extra : moz-landing-system : lando
2018-10-01 16:20:57 +00:00
Dana Keeler 1661adeb86 Bug 1493788 - convert mozilla::Vector to std::vector in certificate transparency implementation r=jcj
In order to make our certificate transparency implementation standalone, we
have to remove mozilla-specific dependencies such as mozilla::Vector.

Depends on D6844

Differential Revision: https://phabricator.services.mozilla.com/D6845

--HG--
extra : moz-landing-system : lando
2018-10-01 20:27:13 +00:00
Dana Keeler 24a8ad1851 Bug 1493788 - move certificate/binary transparency implementation to its own directory r=jcj
Our current certificate transparency implementation (and the start of the binary
transparency implementation) can almost be used by itself as a standalone
library (for comparison, mozilla::pkix already has this property, as evidenced
by the "Library('mozillapkix')" line in security/pkix/moz.build and the
"'mozillapkix'" line in the USE_LIBS section of
security/manager/ssl/tests/unit/tlsserver/cmd/moz.build).

These changes make this code re-usable as a library so that we'll be able to use
it in the updater to verify binary/certificate transparency information.

This first patch simply moves the code to its own directory.

Differential Revision: https://phabricator.services.mozilla.com/D6844

--HG--
rename : security/certverifier/BTInclusionProof.h => security/ct/BTInclusionProof.h
rename : security/certverifier/BTVerifier.cpp => security/ct/BTVerifier.cpp
rename : security/certverifier/BTVerifier.h => security/ct/BTVerifier.h
rename : security/certverifier/Buffer.cpp => security/ct/Buffer.cpp
rename : security/certverifier/Buffer.h => security/ct/Buffer.h
rename : security/certverifier/CTDiversityPolicy.cpp => security/ct/CTDiversityPolicy.cpp
rename : security/certverifier/CTDiversityPolicy.h => security/ct/CTDiversityPolicy.h
rename : security/certverifier/CTKnownLogs.h => security/ct/CTKnownLogs.h
rename : security/certverifier/CTLog.h => security/ct/CTLog.h
rename : security/certverifier/CTLogVerifier.cpp => security/ct/CTLogVerifier.cpp
rename : security/certverifier/CTLogVerifier.h => security/ct/CTLogVerifier.h
rename : security/certverifier/CTObjectsExtractor.cpp => security/ct/CTObjectsExtractor.cpp
rename : security/certverifier/CTObjectsExtractor.h => security/ct/CTObjectsExtractor.h
rename : security/certverifier/CTPolicyEnforcer.cpp => security/ct/CTPolicyEnforcer.cpp
rename : security/certverifier/CTPolicyEnforcer.h => security/ct/CTPolicyEnforcer.h
rename : security/certverifier/CTSerialization.cpp => security/ct/CTSerialization.cpp
rename : security/certverifier/CTSerialization.h => security/ct/CTSerialization.h
rename : security/certverifier/CTUtils.h => security/ct/CTUtils.h
rename : security/certverifier/CTVerifyResult.cpp => security/ct/CTVerifyResult.cpp
rename : security/certverifier/CTVerifyResult.h => security/ct/CTVerifyResult.h
rename : security/certverifier/MultiLogCTVerifier.cpp => security/ct/MultiLogCTVerifier.cpp
rename : security/certverifier/MultiLogCTVerifier.h => security/ct/MultiLogCTVerifier.h
rename : security/certverifier/SignedCertificateTimestamp.cpp => security/ct/SignedCertificateTimestamp.cpp
rename : security/certverifier/SignedCertificateTimestamp.h => security/ct/SignedCertificateTimestamp.h
rename : security/certverifier/SignedTreeHead.h => security/ct/SignedTreeHead.h
rename : security/certverifier/moz.build => security/ct/moz.build
rename : security/certverifier/tests/gtest/BTSerializationTest.cpp => security/ct/tests/gtest/BTSerializationTest.cpp
rename : security/certverifier/tests/gtest/CTDiversityPolicyTest.cpp => security/ct/tests/gtest/CTDiversityPolicyTest.cpp
rename : security/certverifier/tests/gtest/CTLogVerifierTest.cpp => security/ct/tests/gtest/CTLogVerifierTest.cpp
rename : security/certverifier/tests/gtest/CTObjectsExtractorTest.cpp => security/ct/tests/gtest/CTObjectsExtractorTest.cpp
rename : security/certverifier/tests/gtest/CTPolicyEnforcerTest.cpp => security/ct/tests/gtest/CTPolicyEnforcerTest.cpp
rename : security/certverifier/tests/gtest/CTSerializationTest.cpp => security/ct/tests/gtest/CTSerializationTest.cpp
rename : security/certverifier/tests/gtest/CTTestUtils.cpp => security/ct/tests/gtest/CTTestUtils.cpp
rename : security/certverifier/tests/gtest/CTTestUtils.h => security/ct/tests/gtest/CTTestUtils.h
rename : security/certverifier/tests/gtest/MultiLogCTVerifierTest.cpp => security/ct/tests/gtest/MultiLogCTVerifierTest.cpp
rename : security/certverifier/tests/gtest/moz.build => security/ct/tests/gtest/moz.build
extra : moz-landing-system : lando
2018-10-01 16:20:41 +00:00