Commit Graph

400 Commits

Author SHA1 Message Date
Brian Smith d60ee6e296 0.20.0-alpha1 2019-07-09 18:27:05 -10:00
Brian Smith 0ea46b594b Use *ring* 0.15.0-alpha3. 2019-07-09 18:27:05 -10:00
Brian Smith d31d80121a Fix Cargo.toml includes. 2019-07-09 18:27:03 -10:00
Brian Smith 6031d9fc9b Sync with latest *ring* API changes. 2019-04-05 17:26:45 -10:00
Brian Smith f1264202da Update for latest `untrusted` prerelease. 2019-04-05 10:30:30 -10:00
Brian Smith 8c73c9c9f1 `cargo +nightly fmt.` 2019-03-28 15:26:38 -10:00
Brian Smith 35b9d5ceaa Import rustfmt.toml from *ring*. 2019-03-28 15:26:38 -10:00
Brian Smith 0d8a27161a Switch to Rust 2018 Edition. 2019-03-28 15:26:38 -10:00
Brian Smith ffe1cf8a59 Implement `From` instead of `Into`. 2019-03-28 15:26:38 -10:00
Brian Smith 325cd1300b Use `Self` more.
This required fixing the allowed lifetimes in `DNSNameRef::try_from_ascii_str()`.
2019-03-28 15:26:25 -10:00
Brian Smith b3bcccc38d Eliminate unnecessary `'static` lifetime annotations. 2019-03-28 15:19:47 -10:00
Brian Smith 1e96f33624 Eliminate unnecessary (named) lifetime annotations. 2019-03-28 15:19:47 -10:00
Brian Smith 003f503124 Update dependencies to in-development versions. 2019-03-28 15:19:47 -10:00
Brian Smith a96d3bb09d Clarify the documentation of InvalidDNSName. 2019-03-28 15:16:03 -10:00
Brian Smith f02b1c3abe Remove unnecessary `#[cfg(feature = "std')]`. 2019-03-28 15:15:32 -10:00
Francis Lalonde 5dad1619cc Return InvalidDNSNameError upon failing to build a DNSNameRef 2019-03-28 15:14:38 -10:00
Brian Smith f2f2f13811 Revert "Revert "Remove support for SHA-1.""
This reverts commit db0c6cbd1e, i.e.
it removes SHA-1 support again.
2019-03-22 11:35:33 -10:00
Brian Smith d26035bbe7 Always use current "stable" Rust.
Update AppVeyor script to match *ring*.
2019-03-22 10:31:41 -10:00
Brian Smith 8294b8d982 Update code style in `EndEntityCert::from`. 2019-03-22 10:31:41 -10:00
Andy Russell dba79f5894 convert doc comment to regular comment 2019-02-20 03:57:50 -10:00
Brian Smith faa7f2b88b Revert "`cargo +nightly fmt`."
This reverts commit 7379d6062b. We'll merge
some outstanding PRs before doing the reformat.
2019-01-29 17:06:47 -10:00
Brian Smith d71a5588e3 Use `untrusted::read_all` instead of `untrusted::read_all_mut`.
`read_all_mut()` will be removed from `untrusted` soon since it is
redundant with `read_all()`.
2019-01-29 17:05:55 -10:00
Brian Smith 7379d6062b `cargo +nightly fmt`. 2019-01-29 17:03:53 -10:00
Brian Smith f12b339918 0.19.1 using *ring* 0.14.2. 2019-01-23 10:03:45 -10:00
Sebastian Hahn d139e98815 Add support for Ed25519 certificates
This adds support for verification of ed25519 certificates according to
RFC 8410. Implements #49.

The test certificate was generated using OpenSSL 1.1.1a, using the
following commands (CA.pl is distributed with OpenSSL):

    openssl genpkey -algorithm ed25519 -outform pem -out root_key.pem
    openssl req -new -x509 -days 9999 -extensions v3_ca -key root_key.pem \
        -inform pem -outform pem -out root_ed25519.pem
    echo root_ed25519.pem | CA.pl -newca

    openssl genpkey -algorithm ed25519 -outform pem -out client_key.pem
    openssl req -new -key client_key.pem -inform pem -outform pem \
        -out client_ed25519_csr.pem
    openssl ca -keyfile ./root_key.pem -days 999 -notext -in \
        client_ed25519_csr.pem -out client_ed25519.pem

I agree to license my contributions to each file under the terms given
at the top of each file I changed.
2019-01-18 15:20:58 -10:00
Jonas Schievink 6c710deee8 Move `Error` to its own module, impl Display/Error
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
2019-01-18 15:17:20 -10:00
Brian Smith daa400e1ed 0.19.0. 2019-01-09 09:12:23 -10:00
Brian Smith db0c6cbd1e Revert "Remove support for SHA-1."
This reverts commit 97d336003e.

This will be done later.
2019-01-07 12:25:14 -10:00
Brian Smith 9d536ccd9e 0.19.0-alpha1: Update to *ring* 0.14.0-alpha2. 2018-12-21 15:59:01 -10:00
Brian Smith 97d336003e Remove support for SHA-1.
All major browsers have removed support for SHA-1-signed certificates
from their Web PKI implementations. Let's do the same.
2018-11-28 13:41:41 -10:00
Brian Smith 4329ed1c25 Bump version number for incompatible changes. 2018-11-28 13:35:31 -10:00
Steffen R. Knollmann bccc07f0f5 Point to rustls for example 2018-10-23 13:40:31 -10:00
Brian Smith 8bee7bb606 Fix --no-default-features build. 2018-07-26 11:57:55 -10:00
Brian Smith 43a5b747c0 0.18.1. 2018-07-13 09:24:57 -10:00
Brian Smith 68558df613 0.18.0. 2018-07-13 09:14:27 -10:00
Brian Smith a69287be1e 0.18.0-alpha4. 2018-06-05 09:45:03 -10:00
Brian Smith 132ec15f70 Add `AsRef<str>` implementation for `DNSName`. 2018-06-05 09:43:03 -10:00
Brian Smith 3f9fd4c6ca Add DNSNameRef::to_owned(). 2018-06-04 16:30:15 -10:00
Brian Smith 96de094e0d Implement `Eq`, `PartialEq`, and `Hash` for webpki::DNSName. 2018-06-04 16:19:13 -10:00
Brian Smith 68fcf3dd3b 0.18.0-alpha3. 2018-05-15 11:16:36 -10:00
Brian Smith d813158c1b 0.18.0-alpha2. 2018-05-15 11:12:56 -10:00
Brian Smith 76da76ef5b Remove obsolete id-Netscape-stepUp EKU matching workaround.
This workaround isn't needed for compatibility any more. See
https://bugs.chromium.org/p/chromium/issues/detail?id=733403#c3.

See also https://bugzilla.mozilla.org/show_bug.cgi?id=982932. That
was done two years ago so they can probably remove the workaround
completely now as well.
2018-04-25 16:50:13 -10:00
Brian Smith 2a48a8d30d Stop forbidding `fat_ptr_transmutes` feature removed before Rust 1.0.
rustc now warns about this line. Remove it since it was a no-op, as
`fat_ptr_transmutes` was removed before Rust 1.0 was released.
2018-01-10 13:00:55 -10:00
Brian Smith 9e34abe1d5 Prepare for splitting types. 2018-01-10 12:59:34 -10:00
Brian Smith 6e942008ef Drop reference to the removed `fat_ptr_transmutes` lint.
`fat_ptr_transmutes` was removed a long time ago and now rustc
complains about the code mentioning it.
2018-01-10 10:13:03 -10:00
Brian Smith bee17185e8 0.18.0-alpha. 2017-12-24 10:49:52 -10:00
Brian Smith 0947581225 Update *ring* and untrusted dependencies. 2017-12-24 10:49:52 -10:00
wangcong d4cff28a54 Fix English grammar typo in README.md. 2017-09-25 08:05:53 -10:00
Brian Smith d1f9ff9180 Remove obsolete, wrong, and unreachable IDN wildcard logic.
mozilla::pkix enforced the rule the comment describes at one point.
However, it later dropped support for wildcards of the form
"foo*.example.org" where the "*" isn't the only character in the
wildcard. webpki implements that newer logic. With that newer logic,
it wasn't possible for `is_wildcard` to be set and for the hostname
to start with "xn--" since `is_wildcard` is only set when the hostname
starts with "*.".
2017-09-13 15:44:35 -10:00
Brian Smith b53fc74ea7 Import initial DNS-ID matching tests from mozilla::pkix. 2017-09-13 15:44:34 -10:00