gecko-dev

Граф коммитов

Автор	SHA1	Сообщение	Дата
Cykesiopka	0289b45f0c	Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith	2014-07-15 19:49:00 -04:00
Brian Smith	8483b958ad	Bug 1038837: Factor out mozilla::pkix::Input into a separate header, r=mmc --HG-- rename : security/pkix/lib/pkixder.h => security/pkix/include/pkix/Input.h rename : security/pkix/lib/pkixutil.h => security/pkix/include/pkix/Result.h extra : rebase_source : 09bac0a183932f721cdfd32936595867e4dc26ce	2014-07-13 13:17:36 -07:00
Brian Smith	96c220acca	Bug 1038828: Replace mozilla::pkix::der::Result with uses of mozilla::pkix::Result, r=mmc --HG-- rename : security/pkix/lib/pkixutil.h => security/pkix/include/pkix/Result.h extra : rebase_source : e385af4bab665627aa5d434db04830065cbc641f	2014-07-15 10:33:49 -07:00
Brian Smith	17375cc8b3	Bug 1036105: Delegate digest operations to the TrustDomain in mozilla::pkix, r=keeler --HG-- extra : rebase_source : dd8dc1243ea2e37955a15f2481e1c452311e90d8 extra : histedit_source : adc1a2035d41c608d3f0ebe14bba159b2857502d	2014-07-06 19:36:05 -07:00
Brian Smith	c162caba82	Bug 1036107, Part 1: Stop using CERTSignedData in mozilla::pkix, r=keeler --HG-- extra : rebase_source : 94c49062ae3ddf755651f151e2d648543b10e1ad extra : histedit_source : a7377bf1d9adb62e1c584e2adeb793aa074245fb	2014-07-10 19:00:32 -07:00
Brian Smith	b14f27897b	Bug 1037324: Delegate additional name constraint selection to the TrustDomain in mozilla::pkix, r=cviecco --HG-- extra : rebase_source : 300f33bfb3a0c9ae1525695b080674c1fb21eafc	2014-07-10 22:38:59 -07:00
Brian Smith	94e53dc0be	Bug 1035942: Decide whether to consider end-entity CN as a dnsName in CheckNameConstraints instead of in BuildCertChain, r=cviecco --HG-- extra : rebase_source : 19c5949253e4e631b0bd841f17f000885001b327 extra : histedit_source : dce57eb862a2a13d07d11fdf6917afcf6cb4136c	2014-07-08 13:04:17 -07:00
Brian Smith	3f110246be	Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler --HG-- extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605	2014-07-06 15:55:38 -07:00
Camilo Viecco	867a197ca1	Bug `1030204` - 1/2 Name constraint ANSSI(DCISS) Root cert in mozilla::pkix. r=keeler --HG-- extra : rebase_source : 221ca75af601649731bf83cace2e6b0edcd4b2ab	2014-07-08 16:16:26 -07:00
Brian Smith	783ead1861	Bug 1034636: Remove mozilla::pkix::ScopedCERTCertifciate and mozilla::pkix::ScopedPLArenaPool, r=mmc --HG-- extra : rebase_source : 68e6da2f1e1c7fa678ef4cc81d23cc6298709108 extra : histedit_source : feba4c589dbf004ee50e2dea1fca0809f8f97674	2014-07-03 21:49:56 -07:00
Brian Smith	f5ec8594e7	Bug 1033563, Part 3: Change mozilla::pkix::TrustDomain::FindPotentialIssuers API to be iterator-like, r=keeler --HG-- extra : rebase_source : e8c734ecb2de2c52dd8909c8b48f4bdb09d0128e	2014-07-02 16:15:16 -07:00
Brian Smith	4c63d2fa78	Bug 1033563, Part 2: Convert mozilla::pkix::BuildForwardInner into an iterator-type thing, r=keeler --HG-- extra : rebase_source : 175e308191441035db4f3eed4a855205bab1a3f3	2014-07-02 15:03:58 -07:00
Brian Smith	172778c87b	Bug 1033563, Part 1: Move revocation checking code from mozilla::pkix::BuildForward to BuildForwardInner, r=keeler --HG-- extra : rebase_source : 0f11eb64ffb00d953c39d81f4877067bd173eadd	2014-07-02 12:21:41 -07:00
Brian Smith	89e560be23	Bug 1029247, Part 2: Parse certificates using mozilla::pkix::der, r=keeler --HG-- extra : rebase_source : e093922497d005734c590a59f175993a7715bce8	2014-07-03 16:59:42 -07:00
Brian Smith	e614192751	Bug 1029247, Part 1: Add new overload to mozilla::pkix::bind, r=keeler --HG-- extra : rebase_source : 7a9dc499ed6ad038e4840953744a9fcd6578290b	2014-06-21 18:06:30 -07:00
Brian Smith	b8878b14f6	Bug 1034412: Clarify definition of mozilla::pkix::der::SEQUENCE, r=mmc --HG-- extra : rebase_source : 3e139a66133c1d7916fbc13c7cec2b12e9545122	2014-06-30 21:58:34 -07:00
Brian Smith	493ba137ec	Bug 1033103: Add and use mozilla::pkix::der::ExpectTagAndGetTLV, r=keeler --HG-- extra : rebase_source : 16461be12705998799f5c84e2043d68b0c431cb0	2014-07-01 13:25:43 -07:00
Brian Smith	4fdd6599dc	Bug 1032947: Change CheckNameConstraints to construct CERTCertificate instances when needed, r=keeler --HG-- extra : rebase_source : d0bf802f4ff3fe9900ed7444c046617aa27faea9	2014-06-26 14:22:20 -07:00
Brian Smith	fb1fde93b7	Bug 1019770: Use mozilla::pkix::der to decode times and certificate validity period, r=cviecco --HG-- extra : rebase_source : 2b1fa83599c4d0748757b25b56f65e10d41504c8	2014-06-24 21:48:12 -07:00
Wes Kocher	a2eaaf7841	Backed out changeset 5ea9b7bd2db5 (bug 1019770)	2014-07-01 17:43:47 -07:00
Wes Kocher	ea7141a1d8	Backed out changeset f97578949399 (bug 1032947)	2014-07-01 17:43:33 -07:00
Brian Smith	cd8fb3a537	Bug 1032947: Change CheckNameConstraints to construct CERTCertificate instances when needed, r=keeler --HG-- extra : rebase_source : 64bd4c390f708213242e0d4987b7117b0049d02a	2014-06-26 14:22:20 -07:00
Brian Smith	7f7734a4ba	Bug 1019770: Use mozilla::pkix::der to decode times and certificate validity period, r=cviecco --HG-- extra : rebase_source : 05e348b4ae9bb88fdd0895ec5dcec55993ca17c4	2014-06-24 21:48:12 -07:00
Brian Smith	fcdcfb823b	Bug 1031022: Go back to accepting explicit encoding of v1 for certificates and OCSP responses, r=cviecco --HG-- extra : rebase_source : f0adf63879a48db6c036cce1a3e9a7b65e44fc4e	2014-06-26 17:03:48 -07:00
Brian Smith	f97af56e30	Bug 1029341: Factor out decoding of certificate/OCSP extensions, r=keeler --HG-- extra : rebase_source : a1d66b75838e9dfad486f5654db6d977e5c1d97a extra : histedit_source : 34e05d8b3d94500b9cb4f1e311f8fe526b97ba6e	2014-06-24 21:52:50 -07:00
Brian Smith	73c952f2fb	Bug 1029364: Centralize version parsing in BackCert::Init, r=cviecco --HG-- extra : rebase_source : 7e91710ed7cd6e68875c2d26f0b503835968e1f2 extra : histedit_source : e07446cad5edbf6cbb048304bc2b2af4395410db	2014-06-25 01:32:06 -07:00
Brian Smith	e88af673ae	Bug 1029992, Improve AlgorithmIdentifier decoding in mozilla::pkix, r=cviecco --HG-- extra : rebase_source : dec7d3e00afe3a9e433f789baf09c0c41679b0e2 extra : histedit_source : 47657cfde7a266b5d5322b024800abe316e9dbd6	2014-06-24 21:47:50 -07:00
Carsten "Tomcat" Book	ec63c69c72	Backed out changeset 4f21e9bc729a (bug 1029364) for B2G Device and Emulator Bustage on a CLOSED TREE	2014-06-25 10:01:17 +02:00
Carsten "Tomcat" Book	a198d5204e	Backed out changeset a10da316a35f (bug 1029341)	2014-06-25 10:00:42 +02:00
Brian Smith	abcf9d2012	Bug 1029341: Factor out decoding of certificate/OCSP extensions, r=keeler --HG-- extra : rebase_source : e307bea95d29cf78c9eaa7ddb1f2b2c195a59dc9	2014-06-24 21:52:50 -07:00
Brian Smith	f9aac2f45e	Bug 1029364: Centralize version parsing in BackCert::Init, r=cviecco --HG-- extra : rebase_source : 79d5f29c2af1ec77d6bb8a7936bb0a17f28e8d52	2014-06-19 16:17:28 -07:00
Brian Smith	ca4f473450	Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler --HG-- extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418	2014-06-20 10:10:51 -07:00
David Keeler	c13f6d39c7	bug 997509 - heed expired Revoked or Unknown OCSP responses r=briansmith	2014-06-20 09:01:57 -07:00
Brian Smith	b76e937c55	Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler --HG-- extra : rebase_source : e445c913994dc027e1179543d7b6cab2505e734d	2014-06-19 00:13:20 -07:00
David Keeler	8bf1ded425	bug 1020993 - properly handle unknown critical extensions in BackCert::Init r=briansmith	2014-06-09 13:57:44 -07:00
Brian Smith	8b0f8d773d	Bug 1020683, Part 3: Fix build bustage, a=BUSTAGE on a CLOSED TREE --HG-- extra : rebase_source : 8eaa3eae911b0e75129988d58a19e5e76257b369	2014-06-06 12:04:36 -07:00
Brian Smith	e0cd7eb210	Bug 1020682: Simplify mozilla::pkix results cert chain construction and make it more efficient, r=cviecco --HG-- extra : rebase_source : 69cb8ea66e075c89bbcbab3ca115cc2ccc95fa4f	2014-06-04 01:28:44 -07:00
Brian Smith	f9aa591c9a	Bug 1020683, Part 2: Remove more references to CERTCertificate from mozilla::pkix, r=keeler --HG-- extra : rebase_source : 9dce7585975fb23fe04f5714ece18645b22b2261	2014-06-04 00:03:28 -07:00
Brian Smith	67bd0799fb	Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler --HG-- extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8	2014-06-05 15:18:32 -07:00
Brian Smith	86f062c18f	Bug 1018411: Factor out signed data parsing in mozilla::pkix into a reusable and separately-testable function, r=keeler --HG-- extra : rebase_source : d65a760f9f8efb656f238794019bd451ca163c0b	2014-05-31 18:54:34 -07:00
Brian Smith	279c66a9b8	Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler --HG-- extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f	2014-06-03 10:47:25 -07:00
Brian Smith	d7a28e81d0	Bug 1018633: Simplify the max cert chain length check code in mozilla::pkix and make it more efficient, r=cviecco --HG-- extra : rebase_source : 7fa4cc6c1b46357abed0c57c6e24c622049c5acb	2014-05-31 16:32:58 -07:00
Brian Smith	151ad4b5a6	Bug 1001188: Set the error code when the max cert chain length limit is exceeded, r=cviecco --HG-- extra : rebase_source : ce9e1faa083f5c679e20a2b6d9e8d482462e75b0	2014-05-31 16:55:54 -07:00
Brian Smith	efadae2e83	Bug 1018064: Replace mozilla::pkix::der::Input::Match with mozilla::pkix::der::Input::MatchRest, r=mmc --HG-- extra : rebase_source : 5c5b14cf23b1e40854d241cbc482de40b01ac494	2014-05-29 22:09:45 -07:00
Brian Smith	4c65ffea41	Bug 1018061: Have mozilla::pkix::der::Input::Read use EnsureLength instead of its own checks, r=mmc --HG-- extra : rebase_source : f46d6b9bdcd7d7a272fb39f22312a89d2695db56	2014-05-29 23:36:30 -07:00
Camilo Viecco	5bce267045	Bug 991815 - Part 1/2 - Allow intermediate OCSP responses up to 1 year old. r=keeler --HG-- extra : rebase_source : 28d5336da1dc44932b92ce2c59fca5fcb2b8a3d8	2014-05-30 16:12:36 -07:00
Brian Smith	3b00a198b6	Bug 1018033: Prevent buffer read overflow due to integer overflow in mozilla::pkix::der::Input::EnsureLength, r=keeler --HG-- extra : rebase_source : e4e88d61e448fa475a106a06b9f32181906fba0f	2014-05-29 23:37:40 -07:00
David Keeler	c7191763ea	bug 1002814 - OCSP requests: long serial check should be on cert, not issuerCert r=briansmith	2014-05-14 10:05:32 -07:00
Brian Smith	2912321bc5	Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler --HG-- extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a	2014-05-15 18:59:52 -07:00
Brian Smith	f834909bb0	Bug 1010581: Document Expect/Match/Skip terminology in mozilla::pkix::der and make that code more consistent, r=keeler --HG-- extra : rebase_source : 12aa2e1e9eed4f32a75732a65cbfaba9789d5d39	2014-05-14 19:30:09 -07:00

1 2

85 Коммитов