rust
/
webpki
mirror of https://github.com/briansmith/webpki
1
0
Fork 0
Code Issues Releases Wiki Activity
400 Commits 13 Branches 12 Tags 1.3 MiB
Commit Graph

400 Commits

Author SHA1 Message Date
Brian Smith 3eef66a3b6 Match DNS-IDs case-insensitively as required by spec. 
webpki was matching case-sensitively, which was too strict.

This was found using the mozilla::pkix test vectors, which will be
imported in a future commit.
 2017-09-11 16:36:52 -10:00
Brian Smith e643cb56a1 Add verify_is_valid_for_at_least_one_dns_name(). 2017-09-02 09:50:24 -10:00
Brian Smith fb4d0d6a13 Document client authentication. 2017-09-02 09:44:57 -10:00
Brian Smith a4da07068e Take trust anchors by reference in verify_is_valid_tls_client_cert. 
Make verify_is_valid_tls_client_cert like
verify_is_valid_tls_server_cert.
 2017-09-02 09:44:56 -10:00
Alex Gaynor a2ebd747d1 Use wrapper type for client trust anchors. 2017-09-02 09:44:55 -10:00
Lalit Maganti 22a645db61 Add support for verifying client certificates. 2017-09-02 09:44:54 -10:00
Brian Smith 6a8537f468 Remove redundant documentation for verify_is_valid_for_dns_name. 
The expectation described in the comment is now enforced in code by the
use of `DNSNameRef`.
 2017-09-02 09:42:20 -10:00
Brian Smith 551ccd2440 Fix --no-default-features build. 2017-08-31 16:47:47 -10:00
Brian Smith ee9253656a 0.18.0. 
`webpki::Error` has a backward-incompatible change.
 2017-08-31 14:15:02 -10:00
Brian Smith e4b95d781b Add IP address test vectors for DNS name parsing. 2017-08-31 14:15:01 -10:00
Brian Smith 047fb3ccfc Test underscores and hyphens in DNS names. 2017-08-31 13:07:30 -10:00
Brian Smith 937122ff74 Initial DNS name validation test vectors. 2017-08-31 13:07:29 -10:00
Brian Smith e3c7e84a63 Restrict DNS name length to 253 bytes, not 255 bytes. 2017-08-31 11:51:50 -10:00
Brian Smith 927ab2a696 Add notes about what comprises a syntactically-valid DNS Name. 2017-08-31 11:51:50 -10:00
Brian Smith e643a9bfcc Add notes about comparing `DNSName`s and `DNSNameRef`s. 2017-08-31 11:51:49 -10:00
Brian Smith 3bceb7870a Implement Debug for DNSName and DNSNameRef. 2017-08-31 11:51:49 -10:00
Brian Smith 6cbbf7c34c Implement conversion of DNSNameRef to DNSName. 2017-08-31 11:51:48 -10:00
Brian Smith 8ab0c0369f Implement Clone for DNSName. 2017-08-31 11:51:47 -10:00
Brian Smith e973325a6b Add `DNSName`, a String wrapper `String` guaranteed to be a DNS Name. 2017-08-31 11:51:47 -10:00
Brian Smith 8307bd2478 Introduce public `DNSNameRef` DNS name validation API. 2017-08-31 11:50:50 -10:00
Brian Smith 22cd1ab6f5 Add tests/* to Cargo.toml includes. 
In particular, enable the running of the integration tests from the
packaged crate.
 2017-08-29 16:07:32 -10:00
Brian Smith f3d80feafd 0.17.0: Use *ring* 0.17.0, untrusted 0.5.1, base64 0.6.0. 2017-08-27 17:50:25 -10:00
Brian Smith 84da242368 Forbid/deny all lints by default in integration tests. 2017-08-27 12:23:11 -10:00
Brian Smith 2f88818648 Only run trust_anchor_util tests if that feature is enabled. 2017-08-27 12:18:59 -10:00
Brian Smith 8e1eea0670 Fix `use` style in tests/integration.rs. 2017-08-27 12:18:34 -10:00
Brian Smith a15b015761 Remove extra space in comment. 2017-08-27 12:01:15 -10:00
Brian Smith 0e43f59d38 Use `#![forbid]` instead of just `#![deny]` when possible. 2017-08-27 11:56:49 -10:00
Brian Smith 5e04171b16 Don't enumerate warnings for which #[deny(warnings)] applies. 2017-08-27 11:56:48 -10:00
Brian Smith 9dd54974a5 Deny missing_copy_implementations. 2017-08-27 11:56:48 -10:00
Brian Smith 1b6543c2f7 Derive `Debug` for `TLSServerTrustAnchors`. 2017-08-27 11:56:40 -10:00
Brian Smith f7b4e084b5 Deny unused_qualifications again. 
It is no longer needed to allow them.
 2017-08-27 11:56:06 -10:00
Brian Smith 103c6ab22b Test --no-default-features --features=trust_anchor_util config. 2017-08-27 10:24:29 -10:00
Brian Smith 2df22b0fa1 Test no-default-features and all-features modes. 2017-08-27 10:19:45 -10:00
Brian Smith 370f5cbc02 Fix Travis CI. 2017-08-27 01:02:23 -10:00
Brian Smith 03d2500e68 0.16.0. 2017-08-27 00:37:46 -10:00
Brian Smith 785a48b811 Take SystemTime by value (copy) in webpki::Time::try_from. 2017-08-27 00:37:28 -10:00
Brian Smith ba2438dd3c Make `std` a default feature. 2017-08-27 00:37:16 -10:00
Brian Smith e3cd06a02c Add src/{calendar.rs, time.rs} to Cargo.toml; clean up duplicate entries. 2017-08-27 00:07:35 -10:00
Brian Smith a1937781b7 0.14.0. 2017-08-27 00:04:31 -10:00
Brian Smith 1c0c6add49 Take `&TLSServerTrustAnchors` instead of moving it. 
This allows webpki-roots, et al., to expose the trust anchors as a
`TLSServerTrustAnchors`.
 2017-08-25 09:09:46 -10:00
Alex Gaynor 75f00b170a Use newtype for server trust anchors. 
This is a step towards supporting TLS client authentication.
 2017-08-25 09:07:42 -10:00
Brian Smith 2d9eb4c4fa Formatting: Alphabetize `pub use time::Time`. 2017-08-25 09:00:44 -10:00
Brian Smith c70ae1df60 Fix grammar in a name constraint implementation comment. 2017-08-25 09:00:44 -10:00
Brian Smith 21093c6884 Fix mispelling in comment in the name constraint implementation. 2017-08-25 09:00:43 -10:00
Brian Smith 5a739cd967 Replace `try!(...)` with `...?`. 2017-08-25 09:00:43 -10:00
Brian Smith b02fbef2cc Recommend using `Time::try_from()` over `from_seconds_since_unix_epoch()`. 2017-08-22 12:20:53 -10:00
Brian Smith 222e4afdc1 Replace `impl From<SystemTime> for Time` with a `TryFrom`-like polyfill. 
In particular, remove the `unwrap()` so we don't panic when given a
crazy time before the Unix epoch on systems capable of representing
such times.
 2017-08-22 12:20:52 -10:00
Brian Smith 9eefad3c53 Rename `Time::from_seconds_from_unix_epoch()` to `from_seconds_since_unix_epoch()`. 
The two different senses of `from` in the name were confusing & awkward.
 2017-08-18 11:50:45 -10:00
Brian Smith 827d085673 Conform to draft Rust API guidelines regarding "std" feature name. 
See https://rust-lang-nursery.github.io/api-guidelines/naming.html#feature-names-are-free-of-placeholder-words-c-feature.
 2017-08-18 10:46:35 -10:00
Joseph Birr-Pixton 7f38a1dbc7 Expose our own time type `webpki::Time` 
You can make one of these using `webpki::Time::from_seconds_from_unix_epoch`.

- Move ASN1 conversion functions to "calendar.rs", and add some tests.
- The new feature `use_std` adds `from<std::time::SystemTime>` to `webpki::Time`.
- Fixate time in tests/integration to prevent future expiry.
- Add a library-external test of `use_std` feature.
- Run tests with `use_std` and without.
 2017-08-18 10:40:46 -10:00