Tag: Branch: Tree: 1a668b39d5

2214

2272

2311

2357

2490

2564

2623

2661

2704

2785

2883

2924

2987

3029

3071

3112

3202

3239

3282

3359

3538

3945

chromium-2214

chromium-2272

chromium-2311

chromium-2357

chromium-2490

chromium-2564

chromium-2623

chromium-2661

chromium-2704

chromium-2883

chromium-2924

chromium-2987

chromium-3029

chromium-3071

chromium-3112

chromium-3202

chromium-3239

chromium-3282

chromium-3359

chromium-3538

chromium-3945

chromium-5359

chromium-5414

chromium-stable

chromium-stable-with-bazel

esni

fips-20180730

fips-20220613

fips-20230428

fips-20240407

fips-20240805

fips-20250107

fips-android-20191008

grpc-202302

infra/config

main

main-with-bazel

master

master-with-bazel

0.20240913.0

0.20240930.0

0.20241024.0

0.20241203.0

0.20241209.0

0.20250114.0

0.20250212.0

fips-20170615

fips-20180730

fips-20190808

fips-20210429

fips-20220613

fips-android-20191020

version_for_cocoapods_1.0

version_for_cocoapods_10.0

version_for_cocoapods_2.0

version_for_cocoapods_3.0

version_for_cocoapods_4.0

version_for_cocoapods_5.0

version_for_cocoapods_6.0

version_for_cocoapods_7.0

version_for_cocoapods_8.0

version_for_cocoapods_9.0

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '1a668b39d5'

${ noResults }

Commit Graph

2 Commits (1a668b39d5d2287f1fcdcf19a9d0e747b40f86ef)

Author	SHA1	Message	Date
David Benjamin	1264f0ce35	Correctly order PKCS#7 certificates and CRLs. ... PKCS#7 stores certificates and CRLs in (implicitly-tagged) SET OF types. This means they're unordered and, in DER, must be sorted. We currently sort neither. OpenSSL upstream sorts CRLs but doesn't sort certificates. https://github.com/openssl/openssl/pull/13143 reports that Microsoft has a stricter parser that checks this. This CL fixes both fields in our serializer. This does not change the parsing code, which still preserves whatever order we happened to find, but I've updated the documentation to clarify that callers should not rely on the ordering. Based on [0] and the odd order in kPKCS7NSS, I believe this aligns with NSS's behavior. Update-Note: It is no longer the case that constructing a PKCS#7 file and parsing them back out will keep the certificates and CRLs in the same order. [0] https://source.chromium.org/chromium/chromium/src/+/main:chrome/common/net/x509_certificate_model_nss_unittest.cc;drc=c91b0c37b5ddf31cffd732c661c0c5930b0740f4;l=286 Change-Id: If776bb78476557af2c4598f1b6dc10e189adab5d Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47304 Reviewed-by: Adam Langley <agl@google.com>	4 years ago
Adam Langley	fb0c05cac2	acvp: add CMAC-AES support. ... Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>	5 years ago