func TestGoVerify(t *testing.T) {
// Temporarily enable SHA-1 verification since a number of test chains
// require it. TODO(filippo): regenerate test chains.
- defer func(old bool) { debugAllowSHA1 = old }(debugAllowSHA1)
- debugAllowSHA1 = true
+ t.Setenv("GODEBUG", "x509sha1=1")
+
for _, test := range verifyTests {
t.Run(test.name, func(t *testing.T) {
testVerify(t, test, false)
// involves algorithms that are not currently implemented.
var ErrUnsupportedAlgorithm = errors.New("x509: cannot verify signature: algorithm unimplemented")
-// debugAllowSHA1 allows SHA-1 signatures. See issue 41682.
-var debugAllowSHA1 = godebug.Get("x509sha1") == "1"
-
// An InsecureAlgorithmError indicates that the SignatureAlgorithm used to
// generate the signature is not secure, and the signature has been rejected.
//
// TODO(agl): don't ignore the path length constraint.
- return checkSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature, parent.PublicKey, debugAllowSHA1)
+ return checkSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature, parent.PublicKey, false)
}
// CheckSignature verifies that signature is a valid signature over signed from
case crypto.MD5:
return InsecureAlgorithmError(algo)
case crypto.SHA1:
- if !allowSHA1 {
+ // SHA-1 signatures are mostly disabled. See go.dev/issue/41682.
+ if !allowSHA1 && godebug.Get("x509sha1") != "1" {
return InsecureAlgorithmError(algo)
}
fallthrough
t.Fatalf("certificate verification returned %v (%T), wanted InsecureAlgorithmError", err, err)
}
- defer func(old bool) { debugAllowSHA1 = old }(debugAllowSHA1)
- debugAllowSHA1 = true
-
+ t.Setenv("GODEBUG", "x509sha1=1")
if err = cert.CheckSignatureFrom(cert); err != nil {
t.Fatalf("SHA-1 certificate did not verify with GODEBUG=x509sha1=1: %v", err)
}
}
func TestDisableSHA1ForCertOnly(t *testing.T) {
- defer func(old bool) { debugAllowSHA1 = old }(debugAllowSHA1)
- debugAllowSHA1 = false
+ t.Setenv("GODEBUG", "")
tmpl := &Certificate{
SerialNumber: big.NewInt(1),