rust
/
webpki
mirror of https://github.com/briansmith/webpki
1
0
Fork 0
Code Issues Releases Wiki Activity
400 Commits 13 Branches 12 Tags 1.3 MiB
Commit Graph

242 Commits

Author SHA1 Message Date
Brian Smith fad3e4fbc5 Consistently use the name "webpki" instead of "libwebpki." 2016-06-30 17:07:39 -10:00
Brian Smith 3497ab6ea6 Use `ring::der::small_nonnegative_integer`. 
`webpki::der::integer` was moved to *ring* and renamed.
 2016-06-17 18:07:37 -10:00
Brian Smith 4790f4fd4c Fix build. 
The feature name was inconsistent in the source code and Cargo.toml.
Consequently, it wasn't noticed that webpki::trust_anchor_util was
broken due to the `!#[no_std]` change. Also fix that.
 2016-06-06 10:21:15 -10:00
Brian Smith 0ebf354d84 Use `#![no_std]`, limiting libstd dependency to `trust_anchor_util`. 
`webpki::trust_anchor_util` is now an optional feature, enabled using
the feature "trust_anchor_util", which is enabled by default. It is the
only part of webpki other than the tests to use libstd. If the
"trust_anchor_util" default feature is disabled, then webpki should build
and work against libcore.
 2016-06-05 13:57:49 -10:00
Brian Smith 2f3c98c178 Updates for untrusted.rs API changes. 2016-06-05 13:26:46 -10:00
Brian Smith f223285461 Remove unnecessary newline. 2016-05-27 17:01:47 -10:00
Brian Smith 72a3ad9d3c Use `ring::der::positive_integer` for serial numbers. 2016-05-23 18:10:54 -10:00
Brian Smith 01b15d06c6 Sync with *ring* signature API changes. 
Also, add `RSA_PKCS1_3072_8192_SHA384` to the tests.
 2016-02-27 21:22:52 -10:00
Brian Smith a748d296d2 Add RSA_PKCS1_3072_8192_SHA384 to the public API. 2016-01-05 18:33:46 -10:00
Brian Smith 9c4a4bff2e Resync code with *ring*. 2016-01-05 18:31:06 -10:00
Brian Smith b9e5de0d76 Add NSA Suite B RSA_PKCS1_3072_8192_SHA384 algorithm. 2015-12-11 14:10:08 -10:00
Brian Smith 0a2d7891d4 use new |ring::signature| API for verifying signatures. 2015-12-10 18:25:16 -10:00
Brian Smith 46d1725a95 Use |ring::input| and |ring::der|. 
|webpki::input| was copied to |ring::input|. The core of |webpki::der|
was copied to |ring::der|. This change removes the duplicate code from
libwebpki and adapts the rest of libwebpki accordingly.
 2015-12-10 17:48:32 -10:00
Brian Smith 973dce8a48 Remove trailing whitespace. 2015-12-06 11:24:36 -10:00
Brian Smith e58e78c9c8 Remove unnecessary |extern crate rustc_serialize;|. 2015-09-15 17:37:48 -07:00
Brian Smith a09e429271 Update for *ring*'s API refactoring. 
The *ring* refactoring fixed the |Digest| type so that it is now no
longer necessary to use the heap (|Vec| in particular) at all in
libwebpki.
 2015-09-15 17:33:43 -07:00
Brian Smith 08f76d0dd5 Fix wildcard name matching. 2015-09-15 17:32:52 -07:00
Brian Smith b808268039 Improve the parsing and matching of OIDs. 
This just factors out the matching of common prefixes when looking up
OIDs. It probably isn't significantly faster but it is less code and
hopefully less object code.

This also removes support for the id-pe-authorityInfoAccess extension.
We saved the value of the extension but it wasn't being used anywhere.
 2015-09-01 11:19:31 -07:00
Corey Farwell eefa02dd6a Fix incorrect doc-comment syntax. 
Closes #4.
 2015-08-27 20:18:04 -07:00
Brian Smith 67f0b6d23c Refactor and document |Input| and |Reader|. 2015-08-27 10:23:38 -07:00
Brian Smith 400553bc91 Add |trust_anchor_util|. 2015-08-27 10:23:37 -07:00
Brian Smith a704a9bd81 Make the |webpki::input| module public. 2015-08-27 10:23:37 -07:00
Brian Smith e7a7e45b5f Add |verify_tls_cert|. 
add verify_tls_cert function.
 2015-08-27 10:23:36 -07:00
Brian Smith b3288693fb Name constraints [2/3]: Directory name constraints. 2015-08-27 10:23:36 -07:00
Brian Smith 8a159ce048 Name constraints [2/3]: IP address name constraints. 2015-08-27 10:23:35 -07:00
Brian Smith 589c6e0630 Name constraints [1/3]: Check dNSName constraints. 2015-08-27 10:23:35 -07:00
Brian Smith 293355f7dc Name validation [2/2]: Add |verify_cert_dns_name|. 2015-08-27 10:23:34 -07:00
Brian Smith d1d54f169e Name validation [1/2]: Validate DNS ID syntax. 2015-08-27 10:23:34 -07:00
Brian Smith aea9e55d02 Verify certificate signatures. 2015-08-27 10:23:33 -07:00
Brian Smith 103637a5aa Add |build_chain|. 2015-08-27 10:23:33 -07:00
Brian Smith 00183b90bf Add |check_issuer_independent_properties|. 2015-08-27 10:23:32 -07:00
Brian Smith 5d145cbdf9 Validate extended key usage. 2015-08-27 10:23:32 -07:00
Brian Smith 09734f4e5b Validate basic constraints. 2015-08-27 10:23:31 -07:00
Brian Smith ed9bd2b4f1 Unwrap inner sequence in extensions early. 2015-08-27 10:23:30 -07:00
Brian Smith 2974a57b00 Validate notBefore and notAfter. 2015-08-27 10:23:30 -07:00
Brian Smith f9ac40dd2b Add time parsing. 2015-08-27 10:23:29 -07:00
Brian Smith 7cff654f54 Add certificate parsing. 2015-08-27 10:23:29 -07:00
Brian Smith a43b691427 Add parsing and verification of signed data. 2015-08-27 10:23:28 -07:00
Brian Smith 6b60cbd719 Add ASN.1 DER parsing framework. 2015-08-27 10:23:27 -07:00
Brian Smith 62a20c6df2 Add |read_all| and |read_all_optional|. 2015-08-27 10:23:27 -07:00
Brian Smith 461451eab0 Add |Input|/|Reader| parsing framework. 2015-08-27 10:23:26 -07:00
Brian Smith 7ad4cbd4aa Boilerplate. 2015-08-27 10:23:24 -07:00