Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-01 22:55:23 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
394,748 Commits 615 Branches 98 Tags 6 GiB
d59467581b
Commit Graph

247 Commits

Author SHA1 Message Date
David Keeler
3cd3e496aa bug 1079436 - fix validThrough as returned by VerifyEncodedOCSPResponse r=briansmith 
validThrough should now be the time through which, if passed in as the given
time to validate an OCSP response at, VerifyEncodedOCSPResponse will still
consider it trustworthy. After that time, it will be expired. This makes it
so the OCSP cache compares validity period responses consistently with
mozilla::pkix.
 2014-11-21 10:43:43 -08:00
Masatoshi Kimura
6887042777 Bug 1094495 - Disable C4480 in security/pkix. r=keeler 2014-11-12 07:41:42 +09:00
David Keeler
98fef4165e bug 1079658 - follow-up bustage fix (unnecessary multi-line C++-style comment) r=bustage on a CLOSED TREE 2014-11-03 13:48:48 -08:00
David Keeler
cd0d5fbdc0 bug 1079658 - check for the id-pkix-ocsp-nocheck extension when decoding certificates r=briansmith 2014-11-03 11:35:15 -08:00
Chris Peterson
4a7b70b334 Bug 1092028 - Fix -Wunused-const-variable warning-as-error in security/pkix/test/gtest. r=bsmith 2014-10-30 23:17:27 -07:00
Brian Smith
774861532b Bug 1089104: Add support for TeletexString-encoded CN-IDs to CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : 320794deae857a574f509b7277ea64576abd37b3
 2014-10-29 17:19:45 -07:00
Brian Smith
228f03d6d1 Bug 1089393: Fix hex excape sequences ('\0x' -> '\x') in pkixnames_tests.cpp, r=mmc 
--HG--
extra : rebase_source : a0136045ce9b957976f8eb2ef8ad6c9eae0a8ad7
 2014-10-26 11:29:42 -07:00
Monica Chew
e8c341b1fd Bug 1083539: Fix dropped return value check (r=keeler) 2014-10-23 17:07:45 -07:00
Brian Smith
cfc481b264 Bug 1085497: Add Input::size_type, r=mmc 
--HG--
extra : rebase_source : 098eae9234be99e683c0d44b35e1ec7058a086dd
 2014-10-16 18:23:27 -07:00
Brian Smith
6926e8bc53 Bug 1063281, Part 8: Rewrite PresentedDNSIDMatchesReferenceDNSID, r=keeler 
--HG--
extra : rebase_source : a74e8d89a3ddfe5f6af70f32d31f1dc06600d90a
 2014-10-15 19:21:35 -07:00
Brian Smith
d7d68e721d Bug 1063281, Part 7: Implement IsValidPresentedDNSID, r=keeler 
--HG--
extra : rebase_source : 32d85980d8d486bb806e169a8241256ad57fa9d1
 2014-10-16 15:59:34 -07:00
Brian Smith
8d32c13ab3 Bug 1083539: Factor out common SEQUENCE unwrapping logic into reusable functions, r=mmc 
--HG--
extra : rebase_source : 93d669d3cbe178339fe59c1d9345c773b4e238d4
 2014-10-14 02:07:08 -07:00
Brian Smith
bda4ef165a Bug 1063281, Part 6: Implement CheckCertHostname, r=keeler 
--HG--
extra : rebase_source : c28fe67d319f64b2efa326fd8649ef529c487c05
 2014-10-15 16:10:32 -07:00
Brian Smith
72d294039c Bug 1063281, Part 5: Implement DNS ID matching, r=keeler 
--HG--
extra : rebase_source : 5221245ce8da065d64a7ff17bdfde0e617562447
 2014-09-30 19:40:15 -07:00
Brian Smith
149817ebfc Bug 1063281, Part 4: Implement ParseIPv6Address, r=keeler 
--HG--
extra : rebase_source : 9a75a81a840591aaf73acd5be4d7ca504b6432e5
 2014-09-06 01:10:24 -07:00
Brian Smith
0e87ec98c7 Bug 1063281, Part 3: Implement ParseIPv4Address, r=keeler 
--HG--
extra : rebase_source : fbafcb7573be8fa83036a8fadbfa74938ab7a4a6
 2014-09-05 23:20:18 -07:00
Brian Smith
4a2c8b5274 Bug 1063281, Part 2: Implement IsValidDNSName, r=keeler 
--HG--
extra : rebase_source : 202898df26c7321f543ab7aeb222cdc6db67fe0d
 2014-09-30 14:41:39 -07:00
Brian Smith
3b8c2fc2a8 Bug 1063281, Part 1: Expose moilla::pkix::BackCert::GetSubjectAltName, r=keeler 
--HG--
extra : rebase_source : c89ae439a21f11fce66a785e8732ca8793d51936
 2014-08-17 17:24:20 -07:00
Cykesiopka
1c4af4e6a1 Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-18 15:18:00 +02:00
Carsten "Tomcat" Book
e5ad1e7db2 Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests 2014-10-17 13:14:29 +02:00
Cykesiopka
01941f880c Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith 2014-10-16 05:13:00 +02:00
David Keeler
0a4f56b330 bug 1042889 - use a separate error for untrusted x509v1 certificates used as CAs r=briansmith 2014-10-15 10:38:51 -07:00
Brian Smith
0cacd2ed70 Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler 2014-10-05 17:18:11 -07:00
Carsten "Tomcat" Book
da90427b6c Backed out changeset b885a82dc02a (bug 1078108) for breaking B2g ICS Builds 2014-10-10 09:01:45 +02:00
Brian Smith
2565f9b33d Bug 1078108: Use a longer OCSP response validity period in tests, r=keeler 
--HG--
extra : rebase_source : 3115275b2b1c5337cbea0fd43a2221fcd54dadc1
extra : source : bb5694e268255b6549ccaaaddca74fbb83d4bda1
 2014-10-05 17:18:11 -07:00
Brian Smith
201e27f5f3 Bug 1077926: Make test certificate generation faster by reusing key, r=keeler 
--HG--
extra : rebase_source : 8734920020e0889ea6cac1e878b182326bbf81d6
 2014-10-07 18:30:47 -07:00
David Keeler
a052b67f71 bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith 2014-10-08 09:48:15 -07:00
David Keeler
af214d36f8 bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith 2014-10-08 09:33:59 -07:00
David Keeler
42cd9ec5ca bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
David Keeler
71bd008415 backout 9815045d0c5a (bug 1058812 1/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:46 -07:00
David Keeler
6e65e0bca0 backout 9692998f547e (bug 1058812 2/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:10:10 -07:00
David Keeler
4279bb931d backout 0097b4ffaf33 (bug 1058812 3/3) for mochitest orange on a CLOSED TREE 2014-10-08 12:09:26 -07:00
David Keeler
3718659874 bug 1058812 - (3/3) mozilla::pkix: test handling unsupported signature algorithms r=briansmith 2014-10-08 09:48:15 -07:00
David Keeler
7ad555939c bug 1058812 - (2/3) mozilla::pkix: use ByteStrings to identify signature algorithm parameters in tests r=briansmith 2014-10-08 09:33:59 -07:00
David Keeler
5606be5b15 bug 1058812 - (1/3) mozilla::pkix: add SignatureAlgorithm::unsupported_algorithm to better handle e.g. roots signed with RSA/MD5 r=briansmith 2014-10-07 09:35:42 -07:00
Brian Smith
7c87c719cd Bug 1077887: Work around old GCC "enum class" bug, r=mmc 
--HG--
extra : rebase_source : 983e8d8bcfded10d1d1dca793d610996b40b444d
 2014-10-04 18:45:31 -07:00
Brian Smith
121791c43f Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc 
--HG--
extra : rebase_source : f0483e775c6fefc256fc9527b1b1118086cc121f
 2014-10-03 15:52:38 -07:00
Ehsan Akhgari
15ca5186a6 Fix one bad implicit constructor in pkix, no bug, blanket-rs=bsmith 2014-10-07 09:46:59 -04:00
Carsten "Tomcat" Book
811400331c Backed out changeset 76000f9f12da (bug 1077859) for causing frequent Mac OSX XPCshell test failures 2014-10-07 12:53:42 +02:00
Carsten "Tomcat" Book
f3c6c6a49b Backed out changeset 16fe1b9eb9e6 (bug 1077887) 2014-10-07 12:53:03 +02:00
Carsten "Tomcat" Book
2dbcab7289 Backed out changeset 124b04c01c71 (bug 1077926) 2014-10-07 12:52:49 +02:00
Brian Smith
655ade7a8b Bug 1077926: Make test certificate generation faster by reusing key, r=keeler 
--HG--
extra : rebase_source : 360fe925397688c1d0a2386c4974def6b571f0d4
 2014-10-05 00:29:43 -07:00
Brian Smith
1fc729071e Bug 1077887: Work around old GCC "enum class" bug, r=mmc 
--HG--
extra : rebase_source : ce707672dfc0587760c09701fd6adbe26c874916
 2014-10-04 18:45:31 -07:00
Brian Smith
9e344e0256 Bug 1077859: Make ENCODING_FAILED safe to use in static initializers, r=mmc 
--HG--
extra : rebase_source : 78e1410ab6c94bd6b20a78208a2421db338aed94
 2014-10-03 15:52:38 -07:00
David Keeler
2f89ed3295 bug 1045739 - (part 2/2) mozilla::pkix: test that revocation checking doesn't occur for expired certificates r=mmc 2014-10-01 10:20:31 -07:00
Brian Smith
864c184e30 bug 1045739 - (1/2) mozilla::pkix: stop checking revocation for expired certificates r=keeler 2014-08-14 12:02:55 -07:00
David Keeler
fd860abf57 bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco 2014-09-25 11:18:56 -07:00
Richard Barnes
f07a938b7c Bug 1045973 - sec_error_extension_value_invalid: mozilla::pkix does not accept certificates with x509v3 extensions in x509v1 or x509v2 certificates r=keeler 2014-09-23 16:48:54 -04:00
David Keeler
06b4f5bba9 bug 1060929 - mozilla::pkix: allow explicit encodings of default-valued BOOLEANs for compatibility r=briansmith 2014-09-22 09:26:10 -07:00
Richard Barnes
211a288b8e Backed out changeset 40d6ccba44f1 (bug 1045973) 2014-09-22 15:40:19 -04:00