boulder

Commit Graph

Author	SHA1	Message	Date
Aaron Gable	e05d47a10a	Replace explicit int loops with range-over-int (#7434 ) This adopts modern Go syntax to reduce the chance of off-by-one errors and remove unnecessary loop variable declarations. Fixes https://github.com/letsencrypt/boulder/issues/7227	2024-04-22 10:34:51 -07:00
Aaron Gable	6ce2ee3efd	Fix flaky test failure from the inexorable forward march of time (#7090 ) People assume that time is a strict progression of cause to effect, but actually, from a nonlinear, non-subjective viewpoint, it's more like a big ball of wibbly-wobbly, timey-wimey... stuff.	2023-09-18 14:03:28 -07:00
Jacob Hoffman-Andrews	f6a005bc25	ca: check correspondence between precertificate and final linting certificate (#6953 ) This introduces a small new package, `precert`, with one function `Correspond` that checks a precertificate against a final certificate to see if they correspond in the relationship described in RFC 6962. This also modifies the `issuance` package so that RequestFromPrecert generates an IssuanceRequest that keeps a reference to the precertificate's bytes. The allows `issuance.Prepare` to do a correspondence check when preparing to sign the final certificate. Note in particular that the correspondence check is done against the _linting_ version of the final certificate. This allows us to catch correspondence problems before the real, trusted signature is actually made. Fixes #6945	2023-06-26 15:35:06 -07:00

Author

SHA1

Message

Date

Aaron Gable

e05d47a10a

Replace explicit int loops with range-over-int (#7434 )

This adopts modern Go syntax to reduce the chance of off-by-one errors
and remove unnecessary loop variable declarations.

Fixes https://github.com/letsencrypt/boulder/issues/7227

2024-04-22 10:34:51 -07:00

Aaron Gable

6ce2ee3efd

Fix flaky test failure from the inexorable forward march of time (#7090 )

People assume that time is a strict progression of cause to effect, but
actually, from a nonlinear, non-subjective viewpoint, it's more like a
big ball of wibbly-wobbly, timey-wimey... stuff.

2023-09-18 14:03:28 -07:00

Jacob Hoffman-Andrews

f6a005bc25

ca: check correspondence between precertificate and final linting certificate (#6953 )

This introduces a small new package, `precert`, with one function
`Correspond` that checks a precertificate against a final certificate to
see if they correspond in the relationship described in RFC 6962.

This also modifies the `issuance` package so that RequestFromPrecert
generates an IssuanceRequest that keeps a reference to the
precertificate's bytes. The allows `issuance.Prepare` to do a
correspondence check when preparing to sign the final certificate. Note
in particular that the correspondence check is done against the
_linting_ version of the final certificate. This allows us to catch
correspondence problems before the real, trusted signature is actually
made.

Fixes #6945

2023-06-26 15:35:06 -07:00

3 Commits