proposal: crypto/x509: add Public Key Algorithms from RFC 4491 #21858
Comments
CC @agl @FiloSottile
I wonder if this is a good time to discuss how the crypto package could be adapted (in Go 2?) in order to make additional algorithms available via plugins?
0 is the value of Are you suggesting adding GOST values to @jeffallen There is precedent with hash functions, but it seemed to always cause more trouble than it's worth. Personally I'd rather make sure stdlib packages are decoupled enough to allow forks to be easily plugged in, allowing more than just adding algorithms without a sprawling plugin interface.
OpenSSL knows about these algorithms even without the ability to use them (with the GOST engine disabled). Yes, I suggest to add values to The reason why this is not yet implemented in either stdlib or x/crypto is that Java, C# or OpenSSL (via libopenssl, cgo) is used to create a signature or encrypt/decrypt some data. I understand that this is a time-consuming task and therefore I ask about the possibility of adding support If it is possible then I or someone else can implement it and open a pull request. If it's not going to be merged then we should add the ability to extend the functionality of crypto/x509. Right now it is not possible to know the OID of an unknown algorithm.
@FiloSottile no one opened an issue here but tried to implement it in their own packages.
Ping @agl @FiloSottile
I'm going to say no on this. GOST algorithms appear to me to be substantially driven by non-technical concerns and they are extremely rare on the public internet. I don't believe this proposal is close to carrying its weight.
RFC 4491 describes encoding formats, identifiers, and parameter formats for the algorithms GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 for use in Internet X.509 Public Key Infrastructure (PKI).
It was published in May 2006.
What did you do?
Parsed a certificate with GOST R 34.10 algorithms, such as:
And tried to get information about the public key algorithm:
What did you expect to see?
Expected to see some valid algorithm with a value greater than 0:
What did you see instead?
It's an unknown algorithm:
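
For a caller that gets the zero `PublicKeyAlgorithm` value described in this issue, one way to identify the key type is to decode the algorithm OID from the raw SubjectPublicKeyInfo bytes. This is an added example, not code from the issue or from the Go project; `SPKIAlgorithm`, `SampleSPKI` and `gostNames` are hypothetical names, and the sample input is constructed in place of a real GOST certificate.

```go
package main

import (
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
)

// Public key algorithm OIDs assigned in RFC 4491.
var gostNames = map[string]string{
	"1.2.643.2.2.19": "GOST R 34.10-2001",
	"1.2.643.2.2.20": "GOST R 34.10-94",
}

// spki mirrors the SubjectPublicKeyInfo SEQUENCE from RFC 5280.
type spki struct {
	Algorithm pkix.AlgorithmIdentifier
	PublicKey asn1.BitString
}

// SPKIAlgorithm decodes DER SubjectPublicKeyInfo bytes (what crypto/x509
// exposes as Certificate.RawSubjectPublicKeyInfo) and returns the algorithm
// OID in dotted form plus its RFC 4491 name, or "" if it is not listed above.
func SPKIAlgorithm(der []byte) (oid, name string, err error) {
	var info spki
	rest, err := asn1.Unmarshal(der, &info)
	if err != nil {
		return "", "", err
	}
	if len(rest) != 0 {
		return "", "", fmt.Errorf("%d trailing bytes after SubjectPublicKeyInfo", len(rest))
	}
	oid = info.Algorithm.Algorithm.String()
	return oid, gostNames[oid], nil
}

// SampleSPKI builds a constructed SubjectPublicKeyInfo with the given OID
// arcs and an all-zero 64-byte key. It is test input, not a real GOST key.
func SampleSPKI(arcs ...int) ([]byte, error) {
	return asn1.Marshal(spki{
		Algorithm: pkix.AlgorithmIdentifier{Algorithm: asn1.ObjectIdentifier(arcs)},
		PublicKey: asn1.BitString{Bytes: make([]byte, 64), BitLength: 512},
	})
}

func main() {
	der, _ := SampleSPKI(1, 2, 643, 2, 2, 19)
	fmt.Println(SPKIAlgorithm(der))
}
```

With a parsed certificate, the input would be `cert.RawSubjectPublicKeyInfo`; identifying the OID this way does not verify signatures or validate the key.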