go/api/next
Roland Shoemaker e8d9561997 crypto/x509: implement policy validation
Implement support for parsing the various policy related extensions,
and for validating the policy graph for chains.

Policy validation is only run if VerifyOptions.CertificatePolicies is
set. Policy validation is run after chains are built. If the computed
policy graph for a chain is invalid, the chain is removed from the set
of returned chains.

This implements the RFC 5280 algorithm as updated by
RFC 9618 [0].

Fixes #68484

[0] https://www.rfc-editor.org/rfc/rfc9618.html

Change-Id: I576432a47ddc404cba966c2b1995365944b8bd26
Reviewed-on: https://go-review.googlesource.com/c/go/+/628616
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-22 01:28:52 +00:00
32936.txt crypto/tls: expose extensions presented by client to GetCertificate 2024-08-09 18:45:11 +00:00
36532.txt testing: add Context 2024-08-20 14:58:54 +00:00
51473.txt runtime: deprecate GOROOT 2024-08-20 22:49:59 +00:00
54670.txt hash/maphash: add WriteComparable and Comparable 2024-10-02 15:54:11 +00:00
61477.txt crypto/hkdf: init package 2024-11-21 22:55:17 +00:00
61515.txt testing: implement testing.B.Loop 2024-09-20 19:09:41 +00:00
61901.txt bytes, strings: add Lines, SplitSeq, SplitAfterSeq, FieldsSeq, FieldsFuncSeq 2024-08-14 18:23:13 +00:00
62005.txt log/slog: add DiscardHandler 2024-11-14 22:27:09 +00:00
62384.txt net,net/netip: implement the encoding.(Binary|Text)Appender 2024-09-23 18:10:51 +00:00
62516.txt testing: add Chdir 2024-08-16 23:48:50 +00:00
63952.txt debug/elf: add SHT_GNU_VERDEF section parsing 2024-11-07 15:23:24 +00:00
66450.txt crypto/subtle: add DIT closure 2024-11-19 16:47:03 +00:00
66626.txt go/types: add go1.23 iterator methods for 10 exported types 2024-07-31 22:54:09 +00:00
67002.txt os: add OpenInRoot 2024-11-20 23:21:51 +00:00
67057.txt crypto/rand: add Text for secure random strings 2024-11-21 22:39:37 +00:00
67535.txt runtime: implement AddCleanup 2024-11-16 03:26:04 +00:00
67552.txt weak: move internal/weak to weak, and update according to proposal 2024-11-18 22:29:23 +00:00
67813.txt net/http: add HTTP2Config 2024-08-29 17:38:46 +00:00
67814.txt net/http: add Protocols field to Server and Transport 2024-11-05 22:14:59 +00:00
67816.txt net/http: add support for unencrypted HTTP/2 2024-11-21 23:48:38 +00:00
68484.txt crypto/x509: implement policy validation 2024-11-22 01:28:52 +00:00
68500.txt crypto/tls: add server-side ECH 2024-11-21 22:50:04 +00:00
69488.txt crypto/pbkdf2: init package 2024-11-21 20:38:05 +00:00
69981.txt crypto/cipher: add NewGCMWithRandomNonce 2024-11-19 16:26:40 +00:00