search

JamesTheAwesomeDude / cerdicator

Enhanced TLS indicator with an emphasis on information about the Root Certificate Authority from which the connection's authenticity is derived
https://addons.mozilla.org/en-US/firefox/addon/cerdicator/
1 stars 3 forks source link

OCSP: Indicate if Must-Staple was claimed, but no staple was provided #12

Open JamesTheAwesomeDude opened 3 years ago

JamesTheAwesomeDude commented 3 years ago

https://discourse.mozilla.org/t/webrequest-getsecurityinfo-certificates-pem-format-or-at-least-include-extensions/67138/2

Blocks #7

JamesTheAwesomeDude commented 3 years ago

turns out, I'm just blind.

await webRequest.getSecurityInfo(… rawDER: true});
JamesTheAwesomeDude commented 3 years ago

it's dangerous to go alone; take this!

https://github.com/lapo-luchini/asn1js/blob/1.2.1/asn1.js

JamesTheAwesomeDude commented 3 years ago

…if we're doing the ASN parsing ourselves, how much will we have to worry about potentially malformed or malicious data?

Does Firefox at least enforce its being DER?