Brian Smith
3eef66a3b6
Match DNS-IDs case-insensitively as required by spec.
...
webpki was matching case-sensitively, which was too strict.
This was found using the mozilla::pkix test vectors, which will be
imported in a future commit.
2017-09-11 16:36:52 -10:00
Brian Smith
e643cb56a1
Add verify_is_valid_for_at_least_one_dns_name().
2017-09-02 09:50:24 -10:00
Brian Smith
fb4d0d6a13
Document client authentication.
2017-09-02 09:44:57 -10:00
Brian Smith
a4da07068e
Take trust anchors by reference in verify_is_valid_tls_client_cert.
...
Make verify_is_valid_tls_client_cert like
verify_is_valid_tls_server_cert.
2017-09-02 09:44:56 -10:00
Alex Gaynor
a2ebd747d1
Use wrapper type for client trust anchors.
2017-09-02 09:44:55 -10:00
Lalit Maganti
22a645db61
Add support for verifying client certificates.
2017-09-02 09:44:54 -10:00
Brian Smith
6a8537f468
Remove redundant documentation for verify_is_valid_for_dns_name.
...
The expectation described in the comment is now enforced in code by the
use of `DNSNameRef`.
2017-09-02 09:42:20 -10:00
Brian Smith
551ccd2440
Fix --no-default-features build.
2017-08-31 16:47:47 -10:00
Brian Smith
ee9253656a
0.18.0.
...
`webpki::Error` has a backward-incompatible change.
2017-08-31 14:15:02 -10:00
Brian Smith
e4b95d781b
Add IP address test vectors for DNS name parsing.
2017-08-31 14:15:01 -10:00
Brian Smith
047fb3ccfc
Test underscores and hyphens in DNS names.
2017-08-31 13:07:30 -10:00
Brian Smith
937122ff74
Initial DNS name validation test vectors.
2017-08-31 13:07:29 -10:00
Brian Smith
e3c7e84a63
Restrict DNS name length to 253 bytes, not 255 bytes.
2017-08-31 11:51:50 -10:00
Brian Smith
927ab2a696
Add notes about what comprises a syntactically-valid DNS Name.
2017-08-31 11:51:50 -10:00
Brian Smith
e643a9bfcc
Add notes about comparing `DNSName`s and `DNSNameRef`s.
2017-08-31 11:51:49 -10:00
Brian Smith
3bceb7870a
Implement Debug for DNSName and DNSNameRef.
2017-08-31 11:51:49 -10:00
Brian Smith
6cbbf7c34c
Implement conversion of DNSNameRef to DNSName.
2017-08-31 11:51:48 -10:00
Brian Smith
8ab0c0369f
Implement Clone for DNSName.
2017-08-31 11:51:47 -10:00
Brian Smith
e973325a6b
Add `DNSName`, a String wrapper `String` guaranteed to be a DNS Name.
2017-08-31 11:51:47 -10:00
Brian Smith
8307bd2478
Introduce public `DNSNameRef` DNS name validation API.
2017-08-31 11:50:50 -10:00
Brian Smith
22cd1ab6f5
Add tests/* to Cargo.toml includes.
...
In particular, enable the running of the integration tests from the
packaged crate.
2017-08-29 16:07:32 -10:00
Brian Smith
f3d80feafd
0.17.0: Use *ring* 0.17.0, untrusted 0.5.1, base64 0.6.0.
2017-08-27 17:50:25 -10:00
Brian Smith
84da242368
Forbid/deny all lints by default in integration tests.
2017-08-27 12:23:11 -10:00
Brian Smith
2f88818648
Only run trust_anchor_util tests if that feature is enabled.
2017-08-27 12:18:59 -10:00
Brian Smith
8e1eea0670
Fix `use` style in tests/integration.rs.
2017-08-27 12:18:34 -10:00
Brian Smith
a15b015761
Remove extra space in comment.
2017-08-27 12:01:15 -10:00
Brian Smith
0e43f59d38
Use `#![forbid]` instead of just `#![deny]` when possible.
2017-08-27 11:56:49 -10:00
Brian Smith
5e04171b16
Don't enumerate warnings for which #[deny(warnings)] applies.
2017-08-27 11:56:48 -10:00
Brian Smith
9dd54974a5
Deny missing_copy_implementations.
2017-08-27 11:56:48 -10:00
Brian Smith
1b6543c2f7
Derive `Debug` for `TLSServerTrustAnchors`.
2017-08-27 11:56:40 -10:00
Brian Smith
f7b4e084b5
Deny unused_qualifications again.
...
It is no longer needed to allow them.
2017-08-27 11:56:06 -10:00
Brian Smith
103c6ab22b
Test --no-default-features --features=trust_anchor_util config.
2017-08-27 10:24:29 -10:00
Brian Smith
2df22b0fa1
Test no-default-features and all-features modes.
2017-08-27 10:19:45 -10:00
Brian Smith
370f5cbc02
Fix Travis CI.
2017-08-27 01:02:23 -10:00
Brian Smith
03d2500e68
0.16.0.
2017-08-27 00:37:46 -10:00
Brian Smith
785a48b811
Take SystemTime by value (copy) in webpki::Time::try_from.
2017-08-27 00:37:28 -10:00
Brian Smith
ba2438dd3c
Make `std` a default feature.
2017-08-27 00:37:16 -10:00
Brian Smith
e3cd06a02c
Add src/{calendar.rs, time.rs} to Cargo.toml; clean up duplicate entries.
2017-08-27 00:07:35 -10:00
Brian Smith
a1937781b7
0.14.0.
2017-08-27 00:04:31 -10:00
Brian Smith
1c0c6add49
Take `&TLSServerTrustAnchors` instead of moving it.
...
This allows webpki-roots, et al., to expose the trust anchors as a
`TLSServerTrustAnchors`.
2017-08-25 09:09:46 -10:00
Alex Gaynor
75f00b170a
Use newtype for server trust anchors.
...
This is a step towards supporting TLS client authentication.
2017-08-25 09:07:42 -10:00
Brian Smith
2d9eb4c4fa
Formatting: Alphabetize `pub use time::Time`.
2017-08-25 09:00:44 -10:00
Brian Smith
c70ae1df60
Fix grammar in a name constraint implementation comment.
2017-08-25 09:00:44 -10:00
Brian Smith
21093c6884
Fix mispelling in comment in the name constraint implementation.
2017-08-25 09:00:43 -10:00
Brian Smith
5a739cd967
Replace `try!(...)` with `...?`.
2017-08-25 09:00:43 -10:00
Brian Smith
b02fbef2cc
Recommend using `Time::try_from()` over `from_seconds_since_unix_epoch()`.
2017-08-22 12:20:53 -10:00
Brian Smith
222e4afdc1
Replace `impl From<SystemTime> for Time` with a `TryFrom`-like polyfill.
...
In particular, remove the `unwrap()` so we don't panic when given a
crazy time before the Unix epoch on systems capable of representing
such times.
2017-08-22 12:20:52 -10:00
Brian Smith
9eefad3c53
Rename `Time::from_seconds_from_unix_epoch()` to `from_seconds_since_unix_epoch()`.
...
The two different senses of `from` in the name were confusing & awkward.
2017-08-18 11:50:45 -10:00
Brian Smith
827d085673
Conform to draft Rust API guidelines regarding "std" feature name.
...
See https://rust-lang-nursery.github.io/api-guidelines/naming.html#feature-names-are-free-of-placeholder-words-c-feature .
2017-08-18 10:46:35 -10:00
Joseph Birr-Pixton
7f38a1dbc7
Expose our own time type `webpki::Time`
...
You can make one of these using `webpki::Time::from_seconds_from_unix_epoch`.
- Move ASN1 conversion functions to "calendar.rs", and add some tests.
- The new feature `use_std` adds `from<std::time::SystemTime>` to `webpki::Time`.
- Fixate time in tests/integration to prevent future expiry.
- Add a library-external test of `use_std` feature.
- Run tests with `use_std` and without.
2017-08-18 10:40:46 -10:00