]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8409251)
crypto/x509: clarify that CheckSignatureFrom and CheckSignature are low-level APIs
authorFilippo Valsorda <filippo@golang.org>
Wed, 4 Jan 2023 20:51:50 +0000 (21:51 +0100)
committerGopher Robot <gobot@golang.org>
Tue, 17 Jan 2023 16:22:02 +0000 (16:22 +0000)
In particular, CheckSignatureFrom just can't check the path length
limit, because it might be enforced above the parent.

We don't need to document the supported signature algorithms for
CheckSignatureFrom, since we document at the constants in what contexts
they are allowed and not. That does leave CheckSignature ambiguous,
though, because that function doesn't have an explicit context.

Change-Id: I4c107440a93f60bc0de07df2b7efeb1a4a766da0
Reviewed-on: https://go-review.googlesource.com/c/go/+/460537
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>

src/crypto/x509/x509.go patch | blob | history

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index c72010c1e38830e29a3b520caea6619dc4cb9b12..36229bba4f1ca838bfa236a63b525a47893a1075 100644 (file)
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -815,8 +815,10 @@ func (c *Certificate) hasSANExtension() bool {
        return oidInExtensions(oidExtensionSubjectAltName, c.Extensions)
 }
 
-// CheckSignatureFrom verifies that the signature on c is a valid signature
-// from parent. SHA1WithRSA and ECDSAWithSHA1 signatures are not supported.
+// CheckSignatureFrom verifies that the signature on c is a valid signature from parent.
+//
+// This is a low-level API that performs very limited checks, and not a full
+// path verifier. Most users should use [Certificate.Verify] instead.
 func (c *Certificate) CheckSignatureFrom(parent *Certificate) error {
        // RFC 5280, 4.2.1.9:
        // "If the basic constraints extension is not present in a version 3
@@ -836,13 +838,16 @@ func (c *Certificate) CheckSignatureFrom(parent *Certificate) error {
                return ErrUnsupportedAlgorithm
        }
 
-       // TODO(agl): don't ignore the path length constraint.
-
        return checkSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature, parent.PublicKey, false)
 }
 
 // CheckSignature verifies that signature is a valid signature over signed from
 // c's public key.
+//
+// This is a low-level API that performs no validity checks on the certificate.
+//
+// [MD5WithRSA] signatures are rejected, while [SHA1WithRSA] and [ECDSAWithSHA1]
+// signatures are currently accepted.
 func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) error {
        return checkSignature(algo, signed, signature, c.PublicKey, true)
 }
Go GOST TLS 1.3