Add CRL logic to certificate verification #94
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The [`UnverifiedCertificateChain::verify`] method now takes a list of CRLs to check for revoked certificates.
This was referenced May 22, 2023
This was referenced May 22, 2023
Merged
|
Current dependencies on/for this PR:
This comment was auto-generated by Graphite. |
❌ Unreviewed dependencies found
|
Codecov Report
@@ Coverage Diff @@
## nick/remove-alternate-cert-logic #94 +/- ##
====================================================================
+ Coverage 97.63% 97.81% +0.17%
====================================================================
Files 6 6
Lines 1736 1919 +183
====================================================================
+ Hits 1695 1877 +182
- Misses 41 42 +1
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
nick-mobilecoin
requested review from
eranrund and
cbeck88
and removed request for
a team
nick-mobilecoin
commented
May 23, 2023
nick-mobilecoin
commented
May 23, 2023
eranrund
approved these changes
May 23, 2023
Previously the x509 types were using multiple `try_from()` implementations. This made it implicit if the user was converting from a PEM or a DER version, but it also made it more likely that someone might inadvertently do `pem.as_bytes()` and have a failure trying to decode the data as DER when in fact it was pem data. Now the dedicated methods ensure the explicit types.
nick-mobilecoin
commented
May 23, 2023
eranrund
approved these changes
May 23, 2023
cbeck88
approved these changes
May 24, 2023
|
@nick-mobilecoin started a stack merge that includes this pull request via Graphite. |
|
@nick-mobilecoin merged this pull request with Graphite. |
4 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The [
UnverifiedCertificateChain::verify] method now takes a list ofCRLs to check for revoked certificates.
Motivation