Closed
Bug 921893
Opened 12 years ago
Closed 11 years ago
Verify certificate key usage extension in insanity::pkix
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla30
People
(Reporter: briansmith, Assigned: briansmith)
References
Details
Attachments
(1 file)
|
9.96 KB,
patch
|
keeler
:
review+
cviecco
:
review+
Sylvestre
:
approval-mozilla-aurora+
briansmith
:
checkin+
|
Details | Diff | Splinter Review |
No description provided.
|
Assignee | |
Comment 1•11 years ago
|
||
Attachment #8370953 -
Flags: review?(dkeeler)
Attachment #8370953 -
Flags: review?(cviecco)
|
||
Comment 2•11 years ago
|
||
Comment on attachment 8370953 [details] [diff] [review]
Verify key usage extension in insanity::pkix
Review of attachment 8370953 [details] [diff] [review]:
-----------------------------------------------------------------
Cool.
::: security/insanity/lib/pkixcheck.cpp
@@ +63,5 @@
> + }
> +
> + SECItem tmpItem;
> + Result rv = MapSECStatus(SEC_QuickDERDecodeItem(arena, &tmpItem,
> + SEC_ASN1_GET(SEC_BitStringTemplate),
The indentation here is a bit of a bummer. Maybe have an intermediate variable, assign it the result of SEC_QuickDERDecodeItem, and MapSECStatus that result? Ugh. That probably won't work because of SEC_ASN1_GET(SEC_BitStringTemplate), though... Oh, well. No big deal if this doesn't look super pretty.
Attachment #8370953 -
Flags: review?(dkeeler) → review+
|
||
Updated•11 years ago
|
Attachment #8370953 -
Flags: review?(cviecco) → review+
|
|
Assignee | |
Comment 3•11 years ago
|
||
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla30
|
|
Assignee | |
Updated•11 years ago
|
Attachment #8370953 -
Flags: checkin+
|
|
||
Comment 4•11 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 5•11 years ago
|
||
Comment on attachment 8370953 [details] [diff] [review]
Verify key usage extension in insanity::pkix
[Approval Request Comment]
See bug 878932 comment 37.
Attachment #8370953 -
Flags: approval-mozilla-aurora?
|
||
Comment 6•11 years ago
|
||
Comment on attachment 8370953 [details] [diff] [review]
Verify key usage extension in insanity::pkix
Uplifted granted to the patches relative to the new feature: "Add insanity::pkix as certificate verification option"
Lukas and I discussed with Brian and we think it is important to have this feature for 29 (but disabled by default).
It is early in the aurora process and they have plenty of tests for these feature (and to make sure that the current behaviors are still performing correctly).
Attachment #8370953 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
|
|
Assignee | |
Comment 7•11 years ago
|
||
status-firefox29:
--- → fixed
|
||
Updated•11 years ago
|
status-firefox30:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•