Brian Smith
d60ee6e296
0.20.0-alpha1
2019-07-09 18:27:05 -10:00
Brian Smith
0ea46b594b
Use *ring* 0.15.0-alpha3.
2019-07-09 18:27:05 -10:00
Brian Smith
d31d80121a
Fix Cargo.toml includes.
2019-07-09 18:27:03 -10:00
Brian Smith
6031d9fc9b
Sync with latest *ring* API changes.
2019-04-05 17:26:45 -10:00
Brian Smith
f1264202da
Update for latest `untrusted` prerelease.
2019-04-05 10:30:30 -10:00
Brian Smith
8c73c9c9f1
`cargo +nightly fmt.`
2019-03-28 15:26:38 -10:00
Brian Smith
35b9d5ceaa
Import rustfmt.toml from *ring*.
2019-03-28 15:26:38 -10:00
Brian Smith
0d8a27161a
Switch to Rust 2018 Edition.
2019-03-28 15:26:38 -10:00
Brian Smith
ffe1cf8a59
Implement `From` instead of `Into`.
2019-03-28 15:26:38 -10:00
Brian Smith
325cd1300b
Use `Self` more.
...
This required fixing the allowed lifetimes in `DNSNameRef::try_from_ascii_str()`.
2019-03-28 15:26:25 -10:00
Brian Smith
b3bcccc38d
Eliminate unnecessary `'static` lifetime annotations.
2019-03-28 15:19:47 -10:00
Brian Smith
1e96f33624
Eliminate unnecessary (named) lifetime annotations.
2019-03-28 15:19:47 -10:00
Brian Smith
003f503124
Update dependencies to in-development versions.
2019-03-28 15:19:47 -10:00
Brian Smith
a96d3bb09d
Clarify the documentation of InvalidDNSName.
2019-03-28 15:16:03 -10:00
Brian Smith
f02b1c3abe
Remove unnecessary `#[cfg(feature = "std')]`.
2019-03-28 15:15:32 -10:00
Francis Lalonde
5dad1619cc
Return InvalidDNSNameError upon failing to build a DNSNameRef
2019-03-28 15:14:38 -10:00
Brian Smith
f2f2f13811
Revert "Revert "Remove support for SHA-1.""
...
This reverts commit db0c6cbd1e
, i.e.
it removes SHA-1 support again.
2019-03-22 11:35:33 -10:00
Brian Smith
d26035bbe7
Always use current "stable" Rust.
...
Update AppVeyor script to match *ring*.
2019-03-22 10:31:41 -10:00
Brian Smith
8294b8d982
Update code style in `EndEntityCert::from`.
2019-03-22 10:31:41 -10:00
Andy Russell
dba79f5894
convert doc comment to regular comment
2019-02-20 03:57:50 -10:00
Brian Smith
faa7f2b88b
Revert "`cargo +nightly fmt`."
...
This reverts commit 7379d6062b
. We'll merge
some outstanding PRs before doing the reformat.
2019-01-29 17:06:47 -10:00
Brian Smith
d71a5588e3
Use `untrusted::read_all` instead of `untrusted::read_all_mut`.
...
`read_all_mut()` will be removed from `untrusted` soon since it is
redundant with `read_all()`.
2019-01-29 17:05:55 -10:00
Brian Smith
7379d6062b
`cargo +nightly fmt`.
2019-01-29 17:03:53 -10:00
Brian Smith
f12b339918
0.19.1 using *ring* 0.14.2.
2019-01-23 10:03:45 -10:00
Sebastian Hahn
d139e98815
Add support for Ed25519 certificates
...
This adds support for verification of ed25519 certificates according to
RFC 8410. Implements #49 .
The test certificate was generated using OpenSSL 1.1.1a, using the
following commands (CA.pl is distributed with OpenSSL):
openssl genpkey -algorithm ed25519 -outform pem -out root_key.pem
openssl req -new -x509 -days 9999 -extensions v3_ca -key root_key.pem \
-inform pem -outform pem -out root_ed25519.pem
echo root_ed25519.pem | CA.pl -newca
openssl genpkey -algorithm ed25519 -outform pem -out client_key.pem
openssl req -new -key client_key.pem -inform pem -outform pem \
-out client_ed25519_csr.pem
openssl ca -keyfile ./root_key.pem -days 999 -notext -in \
client_ed25519_csr.pem -out client_ed25519.pem
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
2019-01-18 15:20:58 -10:00
Jonas Schievink
6c710deee8
Move `Error` to its own module, impl Display/Error
...
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
2019-01-18 15:17:20 -10:00
Brian Smith
daa400e1ed
0.19.0.
2019-01-09 09:12:23 -10:00
Brian Smith
db0c6cbd1e
Revert "Remove support for SHA-1."
...
This reverts commit 97d336003e
.
This will be done later.
2019-01-07 12:25:14 -10:00
Brian Smith
9d536ccd9e
0.19.0-alpha1: Update to *ring* 0.14.0-alpha2.
2018-12-21 15:59:01 -10:00
Brian Smith
97d336003e
Remove support for SHA-1.
...
All major browsers have removed support for SHA-1-signed certificates
from their Web PKI implementations. Let's do the same.
2018-11-28 13:41:41 -10:00
Brian Smith
4329ed1c25
Bump version number for incompatible changes.
2018-11-28 13:35:31 -10:00
Steffen R. Knollmann
bccc07f0f5
Point to rustls for example
2018-10-23 13:40:31 -10:00
Brian Smith
8bee7bb606
Fix --no-default-features build.
2018-07-26 11:57:55 -10:00
Brian Smith
43a5b747c0
0.18.1.
2018-07-13 09:24:57 -10:00
Brian Smith
68558df613
0.18.0.
2018-07-13 09:14:27 -10:00
Brian Smith
a69287be1e
0.18.0-alpha4.
2018-06-05 09:45:03 -10:00
Brian Smith
132ec15f70
Add `AsRef<str>` implementation for `DNSName`.
2018-06-05 09:43:03 -10:00
Brian Smith
3f9fd4c6ca
Add DNSNameRef::to_owned().
2018-06-04 16:30:15 -10:00
Brian Smith
96de094e0d
Implement `Eq`, `PartialEq`, and `Hash` for webpki::DNSName.
2018-06-04 16:19:13 -10:00
Brian Smith
68fcf3dd3b
0.18.0-alpha3.
2018-05-15 11:16:36 -10:00
Brian Smith
d813158c1b
0.18.0-alpha2.
2018-05-15 11:12:56 -10:00
Brian Smith
76da76ef5b
Remove obsolete id-Netscape-stepUp EKU matching workaround.
...
This workaround isn't needed for compatibility any more. See
https://bugs.chromium.org/p/chromium/issues/detail?id=733403#c3 .
See also https://bugzilla.mozilla.org/show_bug.cgi?id=982932 . That
was done two years ago so they can probably remove the workaround
completely now as well.
2018-04-25 16:50:13 -10:00
Brian Smith
2a48a8d30d
Stop forbidding `fat_ptr_transmutes` feature removed before Rust 1.0.
...
rustc now warns about this line. Remove it since it was a no-op, as
`fat_ptr_transmutes` was removed before Rust 1.0 was released.
2018-01-10 13:00:55 -10:00
Brian Smith
9e34abe1d5
Prepare for splitting types.
2018-01-10 12:59:34 -10:00
Brian Smith
6e942008ef
Drop reference to the removed `fat_ptr_transmutes` lint.
...
`fat_ptr_transmutes` was removed a long time ago and now rustc
complains about the code mentioning it.
2018-01-10 10:13:03 -10:00
Brian Smith
bee17185e8
0.18.0-alpha.
2017-12-24 10:49:52 -10:00
Brian Smith
0947581225
Update *ring* and untrusted dependencies.
2017-12-24 10:49:52 -10:00
wangcong
d4cff28a54
Fix English grammar typo in README.md.
2017-09-25 08:05:53 -10:00
Brian Smith
d1f9ff9180
Remove obsolete, wrong, and unreachable IDN wildcard logic.
...
mozilla::pkix enforced the rule the comment describes at one point.
However, it later dropped support for wildcards of the form
"foo*.example.org" where the "*" isn't the only character in the
wildcard. webpki implements that newer logic. With that newer logic,
it wasn't possible for `is_wildcard` to be set and for the hostname
to start with "xn--" since `is_wildcard` is only set when the hostname
starts with "*.".
2017-09-13 15:44:35 -10:00
Brian Smith
b53fc74ea7
Import initial DNS-ID matching tests from mozilla::pkix.
2017-09-13 15:44:34 -10:00