]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: c4b2288) | patch
crypto/x509: don't allow too long serials
authorRoland Shoemaker <roland@golang.org>
Thu, 14 Apr 2022 21:02:25 +0000 (14:02 -0700)
committerGopher Robot <gobot@golang.org>
Thu, 14 Apr 2022 22:52:29 +0000 (22:52 +0000)
commitcc43e191ce562cd879a9baaf7a2e4fb1a7216d31
tree925a3b8a957e5f461a580ee953cd3a62fa0c2da9tree
parentc4b2288755d07b9505ef498819bb540b7b0fa215commit | diff
crypto/x509: don't allow too long serials

Don't create certificates that have serial numbers that are longer
than 20 octets (when encoded), since these are explicitly disallowed
by RFC 5280.

Change-Id: I292b7001f45bed0971b2d519b6de26f0b90860ae
Reviewed-on: https://go-review.googlesource.com/c/go/+/400377
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
src/crypto/x509/x509.go diff | blob | history
src/crypto/x509/x509_test.go diff | blob | history
Go GOST TLS 1.3