зеркало из https://github.com/mozilla/gecko-dev.git
3d9ab91ab0
Because CAs can back-date a certificate (i.e. set the "notBefore" field to earlier than when a certificate actually existed), the "notBefore" field can't be relied on when determining when CRLite information is recent enough to check a certificate with. To that end, this patch instead uses the earliest timestamp from the embedded SCTs in the certificate being checked. Differential Revision: https://phabricator.services.mozilla.com/D90599 |
||
|---|---|---|
| .. | ||
| tests/gtest | ||
| BTTypes.h | ||
| BTVerifier.cpp | ||
| BTVerifier.h | ||
| Buffer.cpp | ||
| Buffer.h | ||
| CTDiversityPolicy.cpp | ||
| CTDiversityPolicy.h | ||
| CTKnownLogs.h | ||
| CTLog.h | ||
| CTLogVerifier.cpp | ||
| CTLogVerifier.h | ||
| CTObjectsExtractor.cpp | ||
| CTObjectsExtractor.h | ||
| CTPolicyEnforcer.cpp | ||
| CTPolicyEnforcer.h | ||
| CTSerialization.cpp | ||
| CTSerialization.h | ||
| CTUtils.h | ||
| CTVerifyResult.cpp | ||
| CTVerifyResult.h | ||
| MultiLogCTVerifier.cpp | ||
| MultiLogCTVerifier.h | ||
| SignedCertificateTimestamp.cpp | ||
| SignedCertificateTimestamp.h | ||
| moz.build | ||