security/certverifier/CertVerifier.cpp
fa67b437a89ab8590a5bcd3a91a4d779f716c6dd
created 2015-01-23 06:17 +0100
pushed 2015-03-30 18:32 +0000
TheKK TheKK - Bug 1092398 - "remove unused CertVerifier enums (missing_cert_download_config and crl_download_config)". r=honzab.moz
f1ba8432414daea5876b80dce3a2e633c8434414
created 2014-12-17 21:31 -0500
pushed 2015-02-23 15:17 +0000
Kaspar Brand Kaspar Brand - Bug 1112487 - The signing certificates with key usage only non-repudiation is taken as invalid for signing. r=keeler
63f7bbd24da3d620d9c0d076e01826a64aa7d268
created 2014-12-11 23:22 -0800
pushed 2015-01-12 19:37 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler
c7c48ab6ee5e3e0c65e35966511e838bc680a80f
created 2014-10-28 15:28 -0700
pushed 2015-01-12 19:37 +0000
Brian Smith Brian Smith - Reland Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler
ed2cdcdb52408e549b5f5d47c6ebc02d506d83bb
created 2014-10-28 12:30 -0700
pushed 2015-01-12 19:37 +0000
Brian Smith Brian Smith - Back out cset 9b72d139e817 (Bug 1063281, Part 9) due to compatibility regressions on a CLOSED TREE, a=ryanvm
9b72d139e81766bdcf363c7b9ed0bf3f248c32d2
created 2014-09-21 17:43 -0700
pushed 2015-01-12 19:37 +0000
Brian Smith Brian Smith - Bug 1063281, Part 9: Switch Gecko from NSS to CheckCertHostname, r=keeler
f564fff0642cfbd82f7192d7e2d8b00610e16091
created 2014-10-18 15:18 +0200
pushed 2015-01-12 19:37 +0000
Cykesiopka Cykesiopka - Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
209ec35a59c13bfccd4b5a787268cb4e1eaf1bb3
created 2014-10-17 13:14 +0200
pushed 2015-01-12 19:37 +0000
Carsten "Tomcat" Book Carsten "Tomcat" Book - Backed out changeset 3afdc3253979 (bug 622859) for breaking m1 tests
3afdc3253979b356a146c55e49eb68eb48580927
created 2014-10-16 05:13 +0200
pushed 2015-01-12 19:37 +0000
Cykesiopka Cykesiopka - Bug 622859 - Reject EV certificates with key sizes below RSA 2048. r=briansmith
f378b68991bca8a6711b54bfe11b09a65fc13d27
created 2014-12-11 23:22 -0800
pushed 2014-12-16 15:36 +0000
Brian Smith Brian Smith - Bug 1107666 - Fix OCSP stapling telemetry (SSL_OCSP_STAPLING). r=keeler, a=sledru
4f90b7fb1918462222c557100342cdd627e2f3f3
created 2014-09-25 11:18 -0700
pushed 2014-11-28 15:29 +0000
David Keeler David Keeler - bug 1071308 - (2/2) remove libpkix-style chain validation callback from CertVerifier r=cviecco
9dc5491eb546b9d334fd305488d50891e2749773
created 2014-09-25 11:08 -0700
pushed 2014-11-28 15:29 +0000
David Keeler David Keeler - bug 1071308 - (1/2) rename pinning_enforcement_level to PinningMode for brevity r=cviecco
fea4ac1165f99364b6c997c8e4e1e825c399c3f9
created 2014-11-05 09:37 -0800
pushed 2014-11-10 21:44 +0000
David Keeler David Keeler - bug 1083118 - backout removal of unsafe, non-standardized legacy window.crypto functions r=bz a=lmandel ba=lmandel
46ddbee26635ab23a6f62d9b2dcee51681473e74
created 2014-09-12 13:20 -0700
pushed 2014-10-13 16:35 +0000
David Keeler David Keeler - Bug 1066190 - Ensure that pinning checks are done for otherwise overridable errors. r=mmc, a=sledru
c4d1c00413479524bbd1f9ef4ba1f0809099af65
created 2014-08-21 10:37 -0700
pushed 2014-10-13 16:35 +0000
David Keeler David Keeler - bug 1049095 - re-verify joinee certificate with joining hostname when joining connections r=briansmith r=mcmanus r=cviecco r=mmc r=rbarnes
68499003df5ed29ba5cc594aeac3b166f4730de7
created 2014-08-14 09:38 -0700
pushed 2014-10-13 16:35 +0000
David Keeler David Keeler - bug 1030963 - remove non-standard window.crypto functions/properties r=jst r=briansmith r=glandium
a4a8b3b58191206f53748d823cf255fba4042253
created 2014-08-02 08:49 -0700
pushed 2014-10-13 16:35 +0000
Brian Smith Brian Smith - Bug 1043041: Use mozilla::pkix::Time instead of PRTime, r=keeler
c989be71f8443b628a15cd0aab16f47de73d3582
created 2014-07-31 12:17 -0700
pushed 2014-10-13 16:35 +0000
Brian Smith Brian Smith - Bug 1041186, Part 2: Rename Input to Reader and InputBuffer to Input, r=keeler
c04d170a0bd9ad169065d5546a1149554a543422
created 2014-07-18 22:30 -0700
pushed 2014-10-13 16:35 +0000
Brian Smith Brian Smith - Bug 1041186, Part 1: Improve buffer overflow protection in mozilla::pkix, r=keeler
5f7dc391e8611d1f12f77d55f2c5a56ef8f6f29e
created 2014-07-18 11:48 -0700
pushed 2014-10-13 16:35 +0000
Brian Smith Brian Smith - Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler
1e3320340bd2375cf89bc2d8bb746db4795dd24e
created 2014-09-12 13:20 -0700
pushed 2014-09-18 14:48 +0000
David Keeler David Keeler - Bug 1066190 - Ensure that pinning checks are done for otherwise overridable errors. r=mmc, a=sledru
1f599d357743c088c6e1237580d367a9c5a6278c
created 2014-07-18 11:48 -0700
pushed 2014-09-15 22:39 +0000
Brian Smith Brian Smith - Bug 1039064 - Use strongly-typed enum instead of NSPR-style error handling. r=keeler, a=lmandel
b8c9b76b6585da4b72cb4822185c4076299bbc9e
created 2014-09-15 15:57 -0400
pushed 2014-09-15 19:56 +0000
Ryan VanderMeulen Ryan VanderMeulen - Backed out 3 changesets (bug 1039064, bug 1040446, bug 1034124) for ASAN xpcshell hangs.
f3115a9f645c1a88e4f21a38b214d3665945222d
created 2014-07-18 11:48 -0700
pushed 2014-09-15 15:58 +0000
Brian Smith Brian Smith - Bug 1039064: Use strongly-typed enum instead of NSPR-style error handling, r=keeler a=lmandel
d8e146e60d2401c8038041740e99477aabc3b4f0
created 2014-08-21 10:37 -0700
pushed 2014-09-02 16:39 +0000
David Keeler David Keeler - Bug 1049095 - Re-verify joinee certificate with joining hostname when joining connections. r=briansmith, r=mcmanus, r=cviecco, r=mmc, r=rbarnes, a=sledru
a6389627c3a4d841462b60223357bedc5494ebca
created 2014-07-14 16:43 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 1038098: Save intermediate certificates during TLS handshake, r=keeler
0ed88d692f42f34802beafcea77797f61c918155
created 2014-07-06 15:55 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 1035009: Stop using CERTCertList in mozilla::pkix, r=keeler
911d02f2c02a13fbdf80083f6d00886e35523f20
created 2014-07-03 16:59 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 1029247, Part 2: Parse certificates using mozilla::pkix::der, r=keeler
5d696c6fe0a7d44afa8955d08fc0e7dc1d80cb3c
created 2014-07-06 19:15 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 1035034: Fix typo in CertVerifier, r=cviecco
b3ebf7675c7bd1d85ed1b7290e1d2c3ae28a0490
created 2014-06-16 23:13 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 975229: Remove NSS-based certificate verification, r=keeler
2572716c3646aa70b0109e602ee5113c6ad17138
created 2014-06-19 00:13 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler
bd1a3bb1b916fb44bb17339c6305fea4f02a6d35
created 2014-06-16 23:37 -0700
pushed 2014-09-02 16:39 +0000
Brian Smith Brian Smith - Bug 1026371: Remove useless comments in CertVerifier.cpp, r=cviecco
1f8ea4a62f1b57646a295a455417952b2eccbf0f
created 2014-07-06 19:15 -0700
pushed 2014-07-21 20:25 +0000
Brian Smith Brian Smith - Bug 1035034 - Fix typo in CertVerifier. r=cviecco, a=sledru
14d4b1f1aab3a3d8741624864b186e7b9e0dd7f1
created 2014-06-19 00:13 -0700
pushed 2014-07-21 20:25 +0000
Brian Smith Brian Smith - Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler, a=sledru
6dcd584751cc23bea5b56dc3c455640dd1aa8c6c
created 2014-05-28 15:28 -0700
pushed 2014-07-21 20:25 +0000
David Keeler David Keeler - bug 1006710 - add class of PSM errors to SEC and SSL errors r=briansmith
c288e2c355abaa840d36f1b754708bb466df767f
created 2014-05-21 15:42 -0700
pushed 2014-07-21 20:25 +0000
Camilo Viecco Camilo Viecco - Bug 1005142 - Part 1/2 - Add OCSP get capabilities to OCSPRequestor. r=keeler
776e1fd3824fd0a809c4b60f082faf955677e88d
created 2014-05-19 13:24 -0700
pushed 2014-07-21 20:25 +0000
Monica Chew Monica Chew - Bug 1011269: Forgot to qref to pick up keeler's changes (r=keeler)
1f5b5d9cbf72d570fb8e054713060243e44c303b
created 2014-05-19 13:04 -0700
pushed 2014-07-21 20:25 +0000
Monica Chew Monica Chew - Bug 1011269: Add CertVerifier::pinningEnforceTestMode (r=keeler)
a4ae7060f43ac1a4e49b30dfd7a95c5212940d4b
created 2014-05-15 18:59 -0700
pushed 2014-07-21 20:25 +0000
Brian Smith Brian Smith - Bug 1006958: Use mozilla::pkix::der to parse certificate policies instead of NSS, r=keeler
b9eff37173e1219027e2b5cb6822cb33504106b6
created 2014-05-14 01:02 -0700
pushed 2014-07-21 20:25 +0000
Brian Smith Brian Smith - Bug 1006041: Use mozilla::pkix::der for decoding the extended key usage extension, r=keeler
c968e47ef70893902ed49f65ade8a2ffe116ea11
created 2014-04-25 16:29 -0700
pushed 2014-07-21 20:25 +0000
Brian Smith Brian Smith - Bug 1002933: Use Strongly-typed enums more often in mozilla::pkix, r=mmc
affd460bc3d7ee6d8a6347bd7ae7faa4c7dc1ecd
created 2014-02-05 14:49 -0800
pushed 2014-07-21 20:25 +0000
Camilo Viecco Camilo Viecco - Bug 744204 - Allow Certificate key pinning Part 2 - Certverifier Interface. r=keeler
9c09b72ad255af0b70a3c07f50934305d2f589c2
created 2014-07-06 19:15 -0700
pushed 2014-07-09 14:26 +0000
Brian Smith Brian Smith - Bug 1035034 - Fix typo in CertVerifier. r=cviecco, a=sledru
116939c71b4f2075b6ca4df45153b6eaef5fafea
created 2014-06-27 18:47 -0700
pushed 2014-06-30 20:04 +0000
Brian Smith Brian Smith - Bug 1006812: Use mozilla::pkix::der to decode the key usage extension, r=keeler, a=sledru
311bb33950fdce6caa552dbfe4915734920c91a2
created 2014-03-28 10:21 -0700
pushed 2014-06-09 21:49 +0000
Camilo Viecco Camilo Viecco - Bug 987816 - Part 1/3. Allow verifying with certificateUsageVerifyCA. r=dkeeler
dd433d12561bb75b984fe56734bcc67b3d8c6c07
created 2014-03-28 16:57 -0700
pushed 2014-06-09 21:49 +0000
Wes Kocher Wes Kocher - Backed out 2 changesets (bug 987816) for xpcshell orange
245d0cb5a7b32e10fdbd1cbcb42ca7380c2bfbce
created 2014-03-28 10:21 -0700
pushed 2014-06-09 21:49 +0000
Camilo Viecco Camilo Viecco - Bug 987816 - certificateUsageVerifyCA is OK verifcation option. r=dkeeler
04ea38d3515f3dd7e739cfed8005fa70634c06fb
created 2014-03-20 14:29 -0700
pushed 2014-06-09 21:49 +0000
David Keeler David Keeler - bug 985201 - rename insanity::pkix to mozilla::pkix r=cviecco r=briansmith
22251d6a3bb49c0b8c519c3a5b4c2164d573ebe5
created 2014-03-28 10:21 -0700
pushed 2014-04-28 18:51 +0000
Camilo Viecco Camilo Viecco - Bug 987816 - verifying with certificateUsageVerifyCA always return failure. r=dkeeler a=lsblakk
840df518d026f9f7b9bf896fb7ef8d0b3e9fb9da
created 2014-03-12 13:08 -0700
pushed 2014-04-28 18:51 +0000
David Keeler David Keeler - bug 915932 - cache OCSP responses when using insanity::pkix r=cviecco r=briansmith
b7030189c2ca5697c8fba43220511ddc39fcce98
created 2014-02-23 22:15 -0800
pushed 2014-04-28 18:51 +0000
Brian Smith Brian Smith - Bug 921885: Use insanity::pkix for EV cert verification when insanity::pkix is the selected implementation, r=cviecco, r=keeler
e50c326ad721ba006716daa4f0a43c8e1584c06d
created 2014-02-24 12:37 -0800
pushed 2014-04-28 18:51 +0000
Brian Smith Brian Smith - Bug 921886: Add certificate policiy support to insanity::pkix, r=keeler, r=cviecco
12661b7737d42db4edf9f172929c52611bb79a28
created 2014-02-22 19:08 -0800
pushed 2014-04-28 18:51 +0000
Brian Smith Brian Smith - Bug 975122: Allow cert error overrides when insanity::pkix is used, r?cviecco, r?keeler
302def56019a278411ed9d71e3de7126d1729811
created 2014-02-16 17:35 -0800
pushed 2014-04-28 18:51 +0000
Brian Smith Brian Smith - Bug 915931, Part 3: Integrate insanity::pkix OCSP support, r=keeler, r=cviecco
5eece3c778aaecfe6c4bcbeaae863f611ef47280
created 2014-02-10 11:41 -0800
pushed 2014-04-28 18:51 +0000
Brian Smith Brian Smith - Bug 878932, Part 1: add insanity::pkix as an option for certificate verification, r=keeler, r=cviecco
d2afdb4177dd84980ecf89370aaa68f9e34f8f01
created 2014-02-05 14:49 -0800
pushed 2014-04-28 18:51 +0000
Camilo Viecco Camilo Viecco - Bug 790809 - Add callback for in libpkix for extra app checks (in usage sslserver). r=dkeeler
ca49b7e8988156fbe79b07f0e6c84ac65743b6a4
created 2014-02-05 22:11 -0800
pushed 2014-04-28 18:51 +0000
Daniel Holbert Daniel Holbert - Bug 968323: Declare prlog variables inside #ifdef PR_LOGGING instead of MOZ_LOGGING, in /security, to fix build failures in --disable-logging builds. r=briansmith
98236f59f6f99dc6783cfa4ce6f571eed80e4b0a
created 2014-02-05 22:11 -0800
pushed 2014-04-28 18:51 +0000
Camilo Viecco Camilo Viecco - Bug 968491 helper-patch: Temporarily #ifdef out static function 'insertErrorIntoVerifyLog' to address Wunused-function build warning. r=briansmith
b192379d4d6508d6db9954215f17794a9f3a1ca1
created 2014-03-28 10:21 -0700
pushed 2014-04-16 16:08 +0000
Camilo Viecco Camilo Viecco - Bug 987816 - verifying with certificateUsageVerifyCA always return failure. r=dkeeler a=lsblakk
836391ce81b854b72c353ca45396ddd225f7e496
created 2014-02-23 22:15 -0800
pushed 2014-03-17 21:55 +0000
Brian Smith Brian Smith - Bug 921885: Use insanity::pkix for EV cert verification when insanity::pkix is the selected implementation, r=cviecco, r=keeler, a=sledru
less more (0) -60 tip