Brian Smith
|
a89b90ea7f
|
Bug 1130754: Avoid recalculating tbsCertificate digest, r=keeler
--HG--
extra : rebase_source : 85266413568df928cb1eaf1cd59b52ee9d4259e6
extra : histedit_source : 767e3263d28926435c6d2f4610c7d8b01e9ba87d
|
2015-02-07 12:14:31 -08:00 |
|
Brian Smith
|
b0f87b9b6c
|
Bug 1122841, Part 2: Centralize checking of public key, r=keeler
--HG--
extra : rebase_source : 6b41ad2d3f37bead8d3ac8b48c5ee0b8063c795b
extra : source : d470b5a68bf915cfb12f0e948e1492463092883c
|
2015-02-02 16:17:08 -08:00 |
|
Ehsan Akhgari
|
5f97b938f2
|
Bug 1117043 - Mark virtual overridden functions as MOZ_OVERRIDE in security; r=bsmith
|
2015-01-02 09:02:04 -05:00 |
|
Brian Smith
|
f118650ad8
|
Bug 1115761, Part 3: Rename NSS-based crypto functions, r=jcj
--HG--
extra : rebase_source : b11b172fac76c7845d2a97cabf1bad9e04a50367
|
2014-12-23 14:51:52 -08:00 |
|
Cykesiopka
|
1c4af4e6a1
|
Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
|
2014-10-18 15:18:00 +02:00 |
|
Carsten "Tomcat" Book
|
e5ad1e7db2
|
Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests
|
2014-10-17 13:14:29 +02:00 |
|
Cykesiopka
|
01941f880c
|
Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
|
2014-10-16 05:13:00 +02:00 |
|
Eric Rahm
|
7fffd05532
|
Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan
|
2014-10-08 13:19:14 -07:00 |
|
Eric Rahm
|
8d715a7fe4
|
Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan
|
2014-10-08 13:17:32 -07:00 |
|
Wes Kocher
|
445e1466e9
|
Backed out 5 changesets (bug 806819) for WinXP test failures on a CLOSED TREE
Backed out changeset 009ae35b0c67 (bug 806819)
Backed out changeset 5a57f87f5061 (bug 806819)
Backed out changeset f06cd735b5b3 (bug 806819)
Backed out changeset e25a2a8d4af4 (bug 806819)
Backed out changeset 70a167982c3f (bug 806819)
|
2014-10-06 16:32:50 -07:00 |
|
Eric Rahm
|
53a247fb00
|
Bug 806819 - Part 4: Add files that were excluded from unified builds back in. r=ehsan
--HG--
extra : rebase_source : 49a3f57d94fc94702f1604175c4e206091b67197
|
2014-10-06 13:11:24 -07:00 |
|
Eric Rahm
|
80d2b8bba6
|
Bug 806819 - Part 3: Remove redundant FORCE_PR_LOG entries. r=ehsan
--HG--
extra : rebase_source : c96eea1c12ea8c19314393f0e8b4b57a4316a61d
|
2014-10-06 13:08:20 -07:00 |
|
David Keeler
|
fd860abf57
|
bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
|
2014-09-25 11:18:56 -07:00 |
|
Vlatko Markovic
|
8818f4947f
|
Bug 1059216 - Verification of Trusted Hosted Apps manifest signature, part 1. r=dkeeler,rlb
|
2014-09-22 07:58:59 -07:00 |
|
Robin Thunell
|
2915e7de92
|
Bug 1059208 - Add scripts for signing manifest files of Trusted Hosted Apps r=dkeeler
|
2014-09-22 07:58:59 -07:00 |
|
Vlatko Markovic
|
e160a6a6da
|
Bug 1059204 - Prepare verification code for reuse. r=rlb
|
2014-09-19 20:13:47 -07:00 |
|
Marco Castelluccio
|
b562d97c7e
|
Bug 1042006 - Replace reviewers-dev certificate. r=fabrice
--HG--
extra : rebase_source : 517822e6712853c4e0d5ce664e0d60b980382c3b
|
2014-08-21 00:12:00 -04:00 |
|
Ehsan Akhgari
|
7257b2f870
|
Bug 579517 follow-up: Remove NSPR types that crept in
|
2014-08-08 08:39:07 -04:00 |
|
Brian Smith
|
0ccaf0860c
|
Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
--HG--
extra : rebase_source : 2cc39d3c322c1355aad003f2497659a091febac2
|
2014-08-02 08:49:12 -07:00 |
|
Brian Smith
|
de725ae5ef
|
Bug 1047792: Rely on mozilla::pkix to filter out expired certs instead of CERT_CreateSubjectCertList, r=keeler
--HG--
extra : rebase_source : 5182147037b69f0ac3c3cd060d6e2af71bfde2e7
|
2014-08-01 23:16:21 -07:00 |
|
Brian Smith
|
d77dac0580
|
Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler
--HG--
extra : rebase_source : bf57a9eb6ae5c122912e00a47156010e5ea99478
|
2014-07-31 12:17:31 -07:00 |
|
Brian Smith
|
ffe743ee06
|
Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 0f4a33f2c66594930ba9c79233648c70e33ba27c
|
2014-07-18 22:30:51 -07:00 |
|
Brian Smith
|
5f56fc60d6
|
Bug 1041343: Use references instead of pointers for TrustLevel output parameters, r=cviecco
--HG--
extra : rebase_source : d5c07dc29a95ccb75a7a8f199de26d43950b9ed4
|
2014-07-20 11:06:26 -07:00 |
|
Brian Smith
|
c45dc156d1
|
Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler
--HG--
extra : rebase_source : 4f3e41916cd7e2c74679d468eeeb702af3321532
|
2014-07-18 11:48:49 -07:00 |
|
Marco Castelluccio
|
3236b9594b
|
Bug 1021345 - Allow apps to be installed from the Marketplace staging server. r=fabrice
|
2014-07-23 13:20:25 +02:00 |
|
Cykesiopka
|
0289b45f0c
|
Bug 360126 - Stop accepting certs that use RSA1023 or weaker; Original patch by Richard van den Berg. r=briansmith
|
2014-07-15 19:49:00 -04:00 |
|
Brian Smith
|
17375cc8b3
|
Bug 1036105: Delegate digest operations to the TrustDomain in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : dd8dc1243ea2e37955a15f2481e1c452311e90d8
extra : histedit_source : adc1a2035d41c608d3f0ebe14bba159b2857502d
|
2014-07-06 19:36:05 -07:00 |
|
Brian Smith
|
c162caba82
|
Bug 1036107, Part 1: Stop using CERTSignedData in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : 94c49062ae3ddf755651f151e2d648543b10e1ad
extra : histedit_source : a7377bf1d9adb62e1c584e2adeb793aa074245fb
|
2014-07-10 19:00:32 -07:00 |
|
Brian Smith
|
b14f27897b
|
Bug 1037324: Delegate additional name constraint selection to the TrustDomain in mozilla::pkix, r=cviecco
--HG--
extra : rebase_source : 300f33bfb3a0c9ae1525695b080674c1fb21eafc
|
2014-07-10 22:38:59 -07:00 |
|
Brian Smith
|
3f110246be
|
Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
--HG--
extra : rebase_source : fc2b39e5e2b44fea365914e83a7d1f2dc9b784bc
extra : histedit_source : b40e5e8cb106fe87f6f065b01ca43adb0bf3a605
|
2014-07-06 15:55:38 -07:00 |
|
Brian Smith
|
783ead1861
|
Bug 1034636: Remove mozilla::pkix::ScopedCERTCertifciate and mozilla::pkix::ScopedPLArenaPool, r=mmc
--HG--
extra : rebase_source : 68e6da2f1e1c7fa678ef4cc81d23cc6298709108
extra : histedit_source : feba4c589dbf004ee50e2dea1fca0809f8f97674
|
2014-07-03 21:49:56 -07:00 |
|
Brian Smith
|
f5ec8594e7
|
Bug 1033563, Part 3: Change mozilla::pkix::TrustDomain::FindPotentialIssuers API to be iterator-like, r=keeler
--HG--
extra : rebase_source : e8c734ecb2de2c52dd8909c8b48f4bdb09d0128e
|
2014-07-02 16:15:16 -07:00 |
|
Brian Smith
|
89e560be23
|
Bug 1029247, Part 2: Parse certificates using mozilla::pkix::der, r=keeler
--HG--
extra : rebase_source : e093922497d005734c590a59f175993a7715bce8
|
2014-07-03 16:59:42 -07:00 |
|
Harsh Pathak
|
7c4b2ba847
|
Bug 643041 - Merge nsIX509Cert2 and nsIX509Cert3 into nsIX509Cert, and merge nsIX509CertDB2 into nsIX509CertDB. r=keeler
--HG--
extra : rebase_source : 5283c637e45dbee9f741d56cda54fdef1afce16e
|
2014-07-03 22:09:24 -07:00 |
|
Brian Smith
|
bd8f23ccd6
|
Bug 1028643: Convert nsISignatureVerifier to use CertVerifier (mozilla::pkix) and move nsISignatureVerifier functionality to nsIDataSignatureVerifier, r=keeler
--HG--
extra : rebase_source : 14f6f5dedd7145d574ac5b4c86b6ad42b6716ae8
extra : histedit_source : f891fbe80c4ca9fc62849bc2d6d8ffad372a6bf0
|
2014-06-22 18:50:22 -07:00 |
|
Brian Smith
|
ca4f473450
|
Bug 1026261: Remove CERTCertificate from mozilla::pkix revocation checking API, r=keeler
--HG--
extra : rebase_source : 6798f494bd351961ea02abba07b5860839bbc418
|
2014-06-20 10:10:51 -07:00 |
|
Brian Smith
|
b76e937c55
|
Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler
--HG--
extra : rebase_source : e445c913994dc027e1179543d7b6cab2505e734d
|
2014-06-19 00:13:20 -07:00 |
|
Brian Smith
|
67bd0799fb
|
Bug 1020683, Part 1: Remove internal uses of CERTCertificate from mozilla::pkix::VerifyEncodedOCSPResponse, r=keeler
--HG--
extra : rebase_source : 416938498080c4d44874025f1da4562ab1c7c3c8
|
2014-06-05 15:18:32 -07:00 |
|
Brian Smith
|
279c66a9b8
|
Bug 1019814: Remove CERTCertificate dependency from TrustDomain::GetCertTrust, r=keeler
--HG--
extra : rebase_source : 9abf0522f02d00ac2f63f2327ddbe8d119ffc64f
|
2014-06-03 10:47:25 -07:00 |
|
David Keeler
|
4434286b6b
|
bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith
|
2014-05-28 15:28:03 -07:00 |
|
Marco Castelluccio
|
51f64d5cbb
|
Bug 972201 - Remove the MOZ_B2G_CERTDATA hack. r=briansmith
|
2014-05-18 15:42:42 +02:00 |
|
Brian Smith
|
2912321bc5
|
Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
--HG--
extra : rebase_source : fde88efebc1025bc4f825aa38df809d04b1b250a
|
2014-05-15 18:59:52 -07:00 |
|
Brian Smith
|
077fb4cfcf
|
Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler
--HG--
extra : rebase_source : b4b62f117d653784eb6ad058554faf520a1bd90b
|
2014-05-14 01:02:34 -07:00 |
|
Brian Smith
|
9ae1a34e11
|
Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc
--HG--
extra : rebase_source : 3f67f48d1f4150df0830f89e6c07bbbf3a8fc7e8
|
2014-04-25 16:29:26 -07:00 |
|
Camilo Viecco
|
a54a4f05cf
|
Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler
--HG--
extra : rebase_source : 2f9748ba0b241c697e22b7ff72f2f5a0fad4a2ca
|
2014-02-05 14:49:10 -08:00 |
|
David Keeler
|
b1405bc489
|
bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith
--HG--
rename : security/insanity/include/insanity/ScopedPtr.h => security/pkix/include/pkix/ScopedPtr.h
rename : security/insanity/include/insanity/bind.h => security/pkix/include/pkix/bind.h
rename : security/insanity/include/insanity/nullptr.h => security/pkix/include/pkix/nullptr.h
rename : security/insanity/include/insanity/pkix.h => security/pkix/include/pkix/pkix.h
rename : security/insanity/include/insanity/pkixtypes.h => security/pkix/include/pkix/pkixtypes.h
rename : security/insanity/lib/pkixbind.cpp => security/pkix/lib/pkixbind.cpp
rename : security/insanity/lib/pkixbuild.cpp => security/pkix/lib/pkixbuild.cpp
rename : security/insanity/lib/pkixcheck.cpp => security/pkix/lib/pkixcheck.cpp
rename : security/insanity/lib/pkixcheck.h => security/pkix/lib/pkixcheck.h
rename : security/insanity/lib/pkixder.cpp => security/pkix/lib/pkixder.cpp
rename : security/insanity/lib/pkixder.h => security/pkix/lib/pkixder.h
rename : security/insanity/lib/pkixkey.cpp => security/pkix/lib/pkixkey.cpp
rename : security/insanity/lib/pkixocsp.cpp => security/pkix/lib/pkixocsp.cpp
rename : security/insanity/lib/pkixutil.h => security/pkix/lib/pkixutil.h
rename : security/insanity/moz.build => security/pkix/moz.build
rename : security/insanity/test/lib/moz.build => security/pkix/test/lib/moz.build
rename : security/insanity/test/lib/pkixtestutil.cpp => security/pkix/test/lib/pkixtestutil.cpp
rename : security/insanity/test/lib/pkixtestutil.h => security/pkix/test/lib/pkixtestutil.h
|
2014-03-20 14:29:21 -07:00 |
|
Brian Smith
|
dbb4eb51fe
|
Bug 978528: Return the correct error message when no potential issuers are found during path bulding in insanitY::pkix, r=cviecco
--HG--
extra : rebase_source : 71f806312ad322bc2971e7efaea2da217b07efad
|
2014-03-01 20:55:51 -08:00 |
|
Brian Smith
|
605160af41
|
Bug 921886: Add certificate policiy support to insanity::pkix, r=keeler, r=cviecco
--HG--
extra : rebase_source : 6522e2c2f57f59fe23c0ed0c838f1f54236bdafc
|
2014-02-24 12:37:45 -08:00 |
|
Brian Smith
|
46ac0ca312
|
Bug 915931, Part 3: Integrate insanity::pkix OCSP support, r=keeler, r=cviecco
--HG--
extra : rebase_source : 4b54682ca6d97e2ec7709b9a5c93ddea71126f8b
|
2014-02-16 17:35:40 -08:00 |
|
Brian Smith
|
2f3036a251
|
Bug 896620: Make marketplace certs work on in all products, r=keeler
--HG--
extra : source : 86ec7137a8892f75918c77e605df970f5b96ef62
extra : histedit_source : 33326790804d49e6ec658626116ebf870d94d445
|
2014-02-14 14:37:07 -08:00 |
|