We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
go1.22.0 linux/amd64
go env
GO111MODULE='' GOARCH='amd64' GOBIN='' GOCACHE='/home/user/.cache/go-build' GOENV='/home/user/.config/go/env' GOEXE='' GOEXPERIMENT='' GOFLAGS='' GOHOSTARCH='amd64' GOHOSTOS='linux' GOINSECURE='' GOMODCACHE='/home/user/go/pkg/mod' GONOPROXY='' GONOSUMDB='' GOOS='linux' GOPATH='/home/user/go' GOPRIVATE='' GOPROXY='https://proxy.golang.org,direct' GOROOT='/home/user/devel/go-1.22' GOSUMDB='sum.golang.org' GOTMPDIR='' GOTOOLCHAIN='auto' GOTOOLDIR='/home/user/devel/go-1.22/pkg/tool/linux_amd64' GOVCS='' GOVERSION='go1.22.0' GCCGO='gccgo' GOAMD64='v1' AR='ar' CC='gcc' CXX='g++' CGO_ENABLED='1' GOMOD='' GOWORK='' CGO_CFLAGS='-O2 -g' CGO_CPPFLAGS='' CGO_CXXFLAGS='-O2 -g' CGO_FFLAGS='-O2 -g' CGO_LDFLAGS='-O2 -g' PKG_CONFIG='pkg-config' GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build2225582694=/tmp/go-build -gno-record-gcc-switches'
Test program:
package main import ( "crypto/x509" "log" "os" ) func main() { data, err := os.ReadFile("cert.crt") if err != nil { log.Fatal(err) } crt, err := x509.ParseCertificate(data) if err != nil { log.Fatal(err) } log.Printf("Certificate: %s", crt.Subject) }
Sample certificate (uncompress with gunzip): cert.crt.gz
gunzip
Run:
go run test.go
2024/02/28 11:40:48 x509: invalid certificate policies exit status 1
Decoding with openssl works:
openssl x509 -in cert.crt -inform der -text -noout Certificate: Data: Version: 3 (0x2) Serial Number: 7c:6d:cd:78:18:4a:91:c6:05:9b:b7:24:55:38:d5:36 ...
2024/02/28 11:40:48 Certificate: <the-subject-of-the-certificate>
The text was updated successfully, but these errors were encountered:
It looks like a badly encoded certificate, this error is returned from this branch
go/src/crypto/x509/parser.go
Lines 446 to 448 in 33013e8
Sorry, something went wrong.
Yep, it is badly encoded it hits this case:
https://github.com/golang/crypto/blob/0aab8d07aefab378c763e8f36aa007544a862aa9/cryptobyte/asn1.go#L800-L802
The last ObjectIdentifier has the length encoded using two bytes, but it should be encoded with one byte.
30810e060c2b0601040181e82d01010b01
No branches or pull requests
Go version
go1.22.0 linux/amd64
Output of
go env
in your module/workspace:What did you do?
Test program:
Sample certificate (uncompress with
gunzip
):cert.crt.gz
Run:
What did you see happen?
Decoding with openssl works:
What did you expect to see?
The text was updated successfully, but these errors were encountered: