mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
518 966 коммитов 613 Ветки 98 Теги 5,8 GiB
Граф коммитов

38 Коммитов

Автор SHA1 Сообщение Дата
David Cook 7d4c71cc9c Bug 1115718 - Check for empty issuer name in mozilla::pkix; r=keeler 
MozReview-Commit-ID: 6Ymgo7dQE7b

--HG--
extra : rebase_source : 54ee27fd46c2139125a40deabb11a6aca04c84bc
 2016-07-28 20:36:18 -05:00
Cykesiopka 33825b4eb1 Bug 1257031 - Return more informative error code when encountering invalid integers rather than SEC_ERROR_BAD_DER. r=keeler 
Also adds some missing l10n entries to nsserrors.properties (but not for errors
that are specific to TLS 1.3, since TLS 1.3 is not yet finalised).

MozReview-Commit-ID: A42fmTDTe8W

--HG--
extra : transplant_source : x%F7s%DB%05%B4%81%9Dm%FDC%A1f%B3%0D%7DR%C1%BA%B1
 2016-04-21 16:41:22 -07:00
Brian Smith 30373af60a Bug 1189020 - Replace |// unnamed namespace| with |// namespace| in mozilla::pkix. r=Cykesiopka 
This is what Google suggests in its style guide, and somebody
already changed one of these comments to the new style.

--HG--
extra : rebase_source : fe3f7fc17a2fc09ad0ba01fa1511dc8dba7653e1
 2016-03-16 07:10:00 +01:00
Mark Goodwin 31adb1a5c5 Bug 901698 - Implement OCSP-must-staple; r=keeler 2015-11-13 16:49:08 +00:00
Cykesiopka 0a9aea4ab2 Bug 1145679 - Reject EV status for end-entity EV certs with overly long validity periods. r=keeler 
--HG--
extra : rebase_source : ec44bb566cce8ab14f740457d6ba1d863b39c256
 2015-06-29 22:19:00 +02:00
Tim Taubert ab7196486a Bug 1060112 - Don't treat OCSP responses omitting the requested certificate status as "unknown certificate" responses blocking the connection r=keeler 2015-05-21 13:39:34 -04:00
Brian Smith 566d65be48 Bug 1153738: Make ScopedPtr a minimal proper subset of std::unique_ptr, r=keeler 
Remove all features of ScopedPtr that aren't in std::unique_ptr, and
remove all currently-unused features of ScopedPtr. In particular,
replace |operator=(T*)| with |reset(T* p = nullptr)| and make
|operator bool| explicit.

--HG--
rename : security/pkix/include/pkix/ScopedPtr.h => security/pkix/lib/ScopedPtr.h
extra : rebase_source : 206bfb32aa5a04a4719f28b4aca59fe2f0abbec3
 2015-04-13 00:28:11 -10:00
Brian Smith bdb4294871 Bug 1077864, Part 1: Check consistency of certificates' signature and signatureAlgorithm fields, r=keeler 
--HG--
extra : rebase_source : 9a2ca8cb370169f675557987a6b1cc0dedb24ff6
 2015-02-22 16:59:03 -08:00
Brian Smith a89b90ea7f Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler 
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
 2015-02-07 12:14:31 -08:00
Brian Smith b0f87b9b6c Bug 1122841, Part 2: Centralize checking of public key, r=keeler 
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
 2015-02-02 16:17:08 -08:00
Brian Smith a4ceeff7d4 Bug 1128413, Part 1: Fix switch-related warnings, r=mmc 
--HG--
extra : rebase_source : 3d70c2a4ae8f9705a8a2c56c2f49e50fe4711ea9
 2015-02-02 14:21:27 -08:00
Cykesiopka eb24c24fb9 Bug 968560 - Return distinct error codes for certificates that are not valid yet, in mozilla::pkix. r=keeler 
--HG--
extra : rebase_source : de63f37cdef477d96c1aef8253feca7013ba3bfd
 2015-02-06 11:18:20 -08:00
Cykesiopka 590cc7dc4a Bug 1077790 - Make mozilla::pkix::CheckPublicKeySize() accept specific elliptic curves only. r=briansmith 
--HG--
extra : rebase_source : 2eab41b647a78ef3a5ea9cf9710704e35c65803a
 2015-01-21 17:20:16 -08:00
Brian Smith cc811435fd Bug 1115906, Part 3: Make formatting of struct/class/enum class more consistent, r=keeler 
--HG--
extra : rebase_source : 0ba4b630b93775ff68abc583238ba2525b8d56f5
 2015-01-13 16:53:34 -08:00
Brian Smith f52e40c633 Bug 1115761, Part 4: Add "fall through" comment, r=jcj 
--HG--
extra : rebase_source : 1e40d7d7d85c1a02eb6195ecee1038ea40a6a9ab
 2014-12-26 15:07:56 -08:00
Brian Smith f118650ad8 Bug 1115761, Part 3: Rename NSS-based crypto functions, r=jcj 
--HG--
extra : rebase_source : b11b172fac76c7845d2a97cabf1bad9e04a50367
 2014-12-23 14:51:52 -08:00
Brian Smith 2d40b79203 Bug 1115761, Part 2: Use NotReached more consistently in pkixnss.cpp, r=jcj 
--HG--
extra : rebase_source : 80647fc11d40d822dc042af1d797cb34062a84ab
 2014-12-23 22:35:53 -08:00
Brian Smith dcacbfd4ce Bug 1073867, Part 3: Reject DSS end-entity certificates, r=mmc 
--HG--
extra : rebase_source : 76546b57aade1a15b394a2e53d8c12d62906dcac
 2014-12-24 00:51:52 -08:00
Brian Smith 510bbfd05d Bug 1073867, Part 1: Remove DSS certificate support from mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 3bef46a794e53584fd35b7640a6f4c9aaea4acab
 2014-12-04 20:55:15 -08:00
Brian Smith c61befa56f Bug 1111399, Part 1: Preconditions for RFC822 name constraints, r=keeler 
--HG--
extra : rebase_source : cd20b448a6c77ba27c86cb3d8e6c121f92a2ba93
 2014-12-20 07:35:44 -08:00
Brian Smith bda4ef165a Bug 1063281, Part 6: Implement CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : c28fe67d319f64b2efa326fd8649ef529c487c05
 2014-10-15 16:10:32 -07:00
Cykesiopka 1c4af4e6a1 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-18 15:18:00 +02:00
Carsten "Tomcat" Book e5ad1e7db2 Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests 2014-10-17 13:14:29 +02:00
Cykesiopka 01941f880c Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-16 05:13:00 +02:00
David Keeler 0a4f56b330 bug 1042889 - use a separate error for untrusted x509v1 certificates used as CAs r=briansmith 2014-10-15 10:38:51 -07:00
David Keeler 42cd9ec5ca bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
David Keeler 71bd008415 backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:46 -07:00
David Keeler 5606be5b15 bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
Brian Smith c5500b85df Bug 1065264: Use MOZILLA_PKIX_MAP_LIST to define mozilla::pkix::Result, r=keeler 
--HG--
extra : rebase_source : a91f7ab118f802fed6441edf00a245fe90c8e506
 2014-09-10 00:17:24 -07:00
Brian Smith c857f8e0f4 Bug 1063013, Part 4: Move MapResultToName and MAP_LIST out of pkixnss.h/pkixnss.cpp, r=keeler 
--HG--
rename : security/pkix/lib/pkixnss.cpp => security/pkix/lib/pkixresult.cpp
extra : rebase_source : 2fec0a279f7ef6acdd7ac8bf749190eef33df70d
 2014-08-31 19:42:36 -07:00
Cykesiopka bfd5ec525f Bug 1052529 - Add missing l10n strings for mozilla::pkix errors. r=keeler 2014-08-26 00:03:00 +02:00
Cykesiopka f4a67332e8 Bug 1052257 - Add and use error code specific to inadequate key sizes. r=keeler 2014-08-12 22:24:00 -04:00
David Keeler 3d57f23fab bug 1040446 - mozilla::pkix: add error code for CA cert used as end-entity cert r=briansmith 2014-08-11 12:35:45 -07:00
David Keeler bff07e5d42 bug 1047494 - refactor tautological size check in mozilla::pkix::VerifySignedData r=briansmith 2014-08-08 11:28:44 -07:00
Brian Smith de725ae5ef Bug 1047792: Rely on mozilla::pkix to filter out expired certs instead of CERT_CreateSubjectCertList, r=keeler 
--HG--
extra : rebase_source : 5182147037b69f0ac3c3cd060d6e2af71bfde2e7
 2014-08-01 23:16:21 -07:00
Brian Smith d77dac0580 Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler 
--HG--
extra : rebase_source : bf57a9eb6ae5c122912e00a47156010e5ea99478
 2014-07-31 12:17:31 -07:00
Brian Smith ffe743ee06 Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler 
--HG--
extra : rebase_source : 0f4a33f2c66594930ba9c79233648c70e33ba27c
 2014-07-18 22:30:51 -07:00
Brian Smith c45dc156d1 Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler 
--HG--
extra : rebase_source : 4f3e41916cd7e2c74679d468eeeb702af3321532
 2014-07-18 11:48:49 -07:00