Brian Smith
fad3e4fbc5
Consistently use the name "webpki" instead of "libwebpki."
2016-06-30 17:07:39 -10:00
Brian Smith
3497ab6ea6
Use `ring::der::small_nonnegative_integer`.
...
`webpki::der::integer` was moved to *ring* and renamed.
2016-06-17 18:07:37 -10:00
Brian Smith
4790f4fd4c
Fix build.
...
The feature name was inconsistent in the source code and Cargo.toml.
Consequently, it wasn't noticed that webpki::trust_anchor_util was
broken due to the `!#[no_std]` change. Also fix that.
2016-06-06 10:21:15 -10:00
Brian Smith
0ebf354d84
Use `#![no_std]`, limiting libstd dependency to `trust_anchor_util`.
...
`webpki::trust_anchor_util` is now an optional feature, enabled using
the feature "trust_anchor_util", which is enabled by default. It is the
only part of webpki other than the tests to use libstd. If the
"trust_anchor_util" default feature is disabled, then webpki should build
and work against libcore.
2016-06-05 13:57:49 -10:00
Brian Smith
2f3c98c178
Updates for untrusted.rs API changes.
2016-06-05 13:26:46 -10:00
Brian Smith
f223285461
Remove unnecessary newline.
2016-05-27 17:01:47 -10:00
Brian Smith
72a3ad9d3c
Use `ring::der::positive_integer` for serial numbers.
2016-05-23 18:10:54 -10:00
Brian Smith
01b15d06c6
Sync with *ring* signature API changes.
...
Also, add `RSA_PKCS1_3072_8192_SHA384` to the tests.
2016-02-27 21:22:52 -10:00
Brian Smith
a748d296d2
Add RSA_PKCS1_3072_8192_SHA384 to the public API.
2016-01-05 18:33:46 -10:00
Brian Smith
9c4a4bff2e
Resync code with *ring*.
2016-01-05 18:31:06 -10:00
Brian Smith
b9e5de0d76
Add NSA Suite B RSA_PKCS1_3072_8192_SHA384 algorithm.
2015-12-11 14:10:08 -10:00
Brian Smith
0a2d7891d4
use new |ring::signature| API for verifying signatures.
2015-12-10 18:25:16 -10:00
Brian Smith
46d1725a95
Use |ring::input| and |ring::der|.
...
|webpki::input| was copied to |ring::input|. The core of |webpki::der|
was copied to |ring::der|. This change removes the duplicate code from
libwebpki and adapts the rest of libwebpki accordingly.
2015-12-10 17:48:32 -10:00
Brian Smith
973dce8a48
Remove trailing whitespace.
2015-12-06 11:24:36 -10:00
Brian Smith
e58e78c9c8
Remove unnecessary |extern crate rustc_serialize;|.
2015-09-15 17:37:48 -07:00
Brian Smith
a09e429271
Update for *ring*'s API refactoring.
...
The *ring* refactoring fixed the |Digest| type so that it is now no
longer necessary to use the heap (|Vec| in particular) at all in
libwebpki.
2015-09-15 17:33:43 -07:00
Brian Smith
08f76d0dd5
Fix wildcard name matching.
2015-09-15 17:32:52 -07:00
Brian Smith
b808268039
Improve the parsing and matching of OIDs.
...
This just factors out the matching of common prefixes when looking up
OIDs. It probably isn't significantly faster but it is less code and
hopefully less object code.
This also removes support for the id-pe-authorityInfoAccess extension.
We saved the value of the extension but it wasn't being used anywhere.
2015-09-01 11:19:31 -07:00
Corey Farwell
eefa02dd6a
Fix incorrect doc-comment syntax.
...
Closes #4 .
2015-08-27 20:18:04 -07:00
Brian Smith
67f0b6d23c
Refactor and document |Input| and |Reader|.
2015-08-27 10:23:38 -07:00
Brian Smith
400553bc91
Add |trust_anchor_util|.
2015-08-27 10:23:37 -07:00
Brian Smith
a704a9bd81
Make the |webpki::input| module public.
2015-08-27 10:23:37 -07:00
Brian Smith
e7a7e45b5f
Add |verify_tls_cert|.
...
add verify_tls_cert function.
2015-08-27 10:23:36 -07:00
Brian Smith
b3288693fb
Name constraints [2/3]: Directory name constraints.
2015-08-27 10:23:36 -07:00
Brian Smith
8a159ce048
Name constraints [2/3]: IP address name constraints.
2015-08-27 10:23:35 -07:00
Brian Smith
589c6e0630
Name constraints [1/3]: Check dNSName constraints.
2015-08-27 10:23:35 -07:00
Brian Smith
293355f7dc
Name validation [2/2]: Add |verify_cert_dns_name|.
2015-08-27 10:23:34 -07:00
Brian Smith
d1d54f169e
Name validation [1/2]: Validate DNS ID syntax.
2015-08-27 10:23:34 -07:00
Brian Smith
aea9e55d02
Verify certificate signatures.
2015-08-27 10:23:33 -07:00
Brian Smith
103637a5aa
Add |build_chain|.
2015-08-27 10:23:33 -07:00
Brian Smith
00183b90bf
Add |check_issuer_independent_properties|.
2015-08-27 10:23:32 -07:00
Brian Smith
5d145cbdf9
Validate extended key usage.
2015-08-27 10:23:32 -07:00
Brian Smith
09734f4e5b
Validate basic constraints.
2015-08-27 10:23:31 -07:00
Brian Smith
ed9bd2b4f1
Unwrap inner sequence in extensions early.
2015-08-27 10:23:30 -07:00
Brian Smith
2974a57b00
Validate notBefore and notAfter.
2015-08-27 10:23:30 -07:00
Brian Smith
f9ac40dd2b
Add time parsing.
2015-08-27 10:23:29 -07:00
Brian Smith
7cff654f54
Add certificate parsing.
2015-08-27 10:23:29 -07:00
Brian Smith
a43b691427
Add parsing and verification of signed data.
2015-08-27 10:23:28 -07:00
Brian Smith
6b60cbd719
Add ASN.1 DER parsing framework.
2015-08-27 10:23:27 -07:00
Brian Smith
62a20c6df2
Add |read_all| and |read_all_optional|.
2015-08-27 10:23:27 -07:00
Brian Smith
461451eab0
Add |Input|/|Reader| parsing framework.
2015-08-27 10:23:26 -07:00
Brian Smith
7ad4cbd4aa
Boilerplate.
2015-08-27 10:23:24 -07:00