mirror of
https://github.com/golang/go
synced 2024-11-23 21:00:06 -07:00
crypto/x509: recognise ISO OID for RSA+SHA1
For some reason, ISO decided to duplicate the OID for RSA+SHA1. Most pertinantly, the makecert.exe utility on Windows is known to have used this OID. This change makes the ISO OID an alias for the normal one. Change-Id: I60b76265bf1721282bdb0d5c99c98d227c18a878 Reviewed-on: https://go-review.googlesource.com/27394 Run-TryBot: Adam Langley <agl@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
This commit is contained in:
parent
0da545d128
commit
bcd54f6ca5
@ -296,6 +296,11 @@ var (
|
||||
oidSHA512 = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 3}
|
||||
|
||||
oidMGF1 = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 8}
|
||||
|
||||
// oidISOSignatureSHA1WithRSA means the same as oidSignatureSHA1WithRSA
|
||||
// but it's specified by ISO. Microsoft's makecert.exe has been known
|
||||
// to produce certificates with this OID.
|
||||
oidISOSignatureSHA1WithRSA = asn1.ObjectIdentifier{1, 3, 14, 3, 2, 29}
|
||||
)
|
||||
|
||||
var signatureAlgorithmDetails = []struct {
|
||||
@ -307,6 +312,7 @@ var signatureAlgorithmDetails = []struct {
|
||||
{MD2WithRSA, oidSignatureMD2WithRSA, RSA, crypto.Hash(0) /* no value for MD2 */},
|
||||
{MD5WithRSA, oidSignatureMD5WithRSA, RSA, crypto.MD5},
|
||||
{SHA1WithRSA, oidSignatureSHA1WithRSA, RSA, crypto.SHA1},
|
||||
{SHA1WithRSA, oidISOSignatureSHA1WithRSA, RSA, crypto.SHA1},
|
||||
{SHA256WithRSA, oidSignatureSHA256WithRSA, RSA, crypto.SHA256},
|
||||
{SHA384WithRSA, oidSignatureSHA384WithRSA, RSA, crypto.SHA384},
|
||||
{SHA512WithRSA, oidSignatureSHA512WithRSA, RSA, crypto.SHA512},
|
||||
|
@ -1381,3 +1381,27 @@ func TestRSAMissingNULLParameters(t *testing.T) {
|
||||
t.Errorf("unrecognised error when parsing certificate with missing RSA NULL parameter: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
const certISOOID = `
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIB5TCCAVKgAwIBAgIQtwyL3RPWV7dJQp34HwZG9DAJBgUrDgMCHQUAMBExDzAN
|
||||
BgNVBAMTBm15dGVzdDAeFw0xNjA4MDkyMjExMDVaFw0zOTEyMzEyMzU5NTlaMBEx
|
||||
DzANBgNVBAMTBm15dGVzdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArzIH
|
||||
GsyDB3ohIGkkvijF2PTRUX1bvOtY1eUUpjwHyu0twpAKSuaQv2Ha+/63+aHe8O86
|
||||
BT+98wjXFX6RFSagtAujo80rIF2dSm33BGt18pDN8v6zp93dnAm0jRaSQrHJ75xw
|
||||
5O+S1oEYR1LtUoFJy6qB104j6aINBAgOiLIKiMkCAwEAAaNGMEQwQgYDVR0BBDsw
|
||||
OYAQVuYVQ/WDjdGSkZRlTtJDNKETMBExDzANBgNVBAMTBm15dGVzdIIQtwyL3RPW
|
||||
V7dJQp34HwZG9DAJBgUrDgMCHQUAA4GBABngrSkH7vG5lY4sa4AZF59lAAXqBVJE
|
||||
J4TBiKC62hCdZv18rBleP6ETfhbPg7pTs8p4ebQbpmtNxRS9Lw3MzQ8Ya5Ybwzj2
|
||||
NwBSyCtCQl7mrEg4nJqJl4A2EUhnET/oVxU0oTV/SZ3ziGXcY1oG1s6vidV7TZTu
|
||||
MCRtdSdaM7g3
|
||||
-----END CERTIFICATE-----`
|
||||
|
||||
func TestISOOIDInCertificate(t *testing.T) {
|
||||
block, _ := pem.Decode([]byte(certISOOID))
|
||||
if cert, err := ParseCertificate(block.Bytes); err != nil {
|
||||
t.Errorf("certificate with ISO OID failed to parse: %s", err)
|
||||
} else if cert.SignatureAlgorithm == UnknownSignatureAlgorithm {
|
||||
t.Errorf("ISO OID not recognised in certificate")
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user