Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509: more descriptive error message for unsupported algorithms such as MD5 with RSA #10431

Closed
mvanotti opened this issue Apr 12, 2015 · 3 comments
Closed

crypto/x509: more descriptive error message for unsupported algorithms such as MD5 with RSA #10431

mvanotti opened this issue Apr 12, 2015 · 3 comments
Labels
FrozenDueToAge
Milestone
Go1.6

Comments

@mvanotti
Copy link

In http://golang.org/src/crypto/x509/x509.go?s=21072:21171#L611 that algorithm is not listed.

Should it be listed? Is it because it is considered insecure?

I've found a certificate issued with the MD5withRSA signature algorithm (used only for testing) but finding the error was really hard. It would be nice to have a better error description for this kind of failures.
@minux
Copy link
Member

minux commented Apr 12, 2015 via email

@mvanotti
Copy link
Author

I see.

In that case, it would be better to have a more descriptive error than..

failed to verify certificate: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: algorithm unimplemented" while trying to verify candidate authority certificate "testCA")

"algorithm unimplemented".. The algorithm is implemented, it is not supported because it is considered insecure. Which algorithm? In which part of the chain? Which function failed?

Tracking the error took me a while..

@mikioh mikioh changed the title [crypto/x509] CheckSignature does not support MD5withRSA algorithm crypto/x509: CheckSignature does not support MD5withRSA algorithm Apr 14, 2015
@mikioh mikioh changed the title crypto/x509: CheckSignature does not support MD5withRSA algorithm crypto/x509: more descriptive error message for unsupported algorithms such as MD5 with RSA Apr 14, 2015
@mvanotti mvanotti mentioned this issue Apr 14, 2015
Closed
@ianlancetaylor ianlancetaylor added this to the Go1.6 milestone Jun 3, 2015
@gopherbot
Copy link

CL https://golang.org/cl/17380 mentions this issue.

@rsc rsc closed this as completed in 606d9a7 Dec 3, 2015
@jordan-wright jordan-wright mentioned this issue Feb 12, 2016
Closed
@golang golang locked and limited conversation to collaborators Dec 14, 2016
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
Go1.6
Development

No branches or pull requests
4 participants
@minux @mvanotti @ianlancetaylor @gopherbot