mirror of https://github.com/golang/go.git
082cfabf12
Refuse to create certificates with negative serial numbers, as they are explicitly disallowed by RFC 5280. We still allow parsing certificates with negative serial numbers, because in the past there were buggy CA implementations which would produce them (although there are currently *no* trusted certificates that have this issue). We may want to revisit this decision if we can find metrics about the prevalence of this issue in enterprise settings. Change-Id: I131262008db99b6354f542f335abc68775a2d6d0 Reviewed-on: https://go-review.googlesource.com/c/go/+/400494 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Roland Shoemaker <roland@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Auto-Submit: Roland Shoemaker <roland@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> |
||
|---|---|---|
| .. | ||
| aes | ||
| cipher | ||
| des | ||
| dsa | ||
| ecdsa | ||
| ed25519 | ||
| elliptic | ||
| hmac | ||
| internal | ||
| md5 | ||
| rand | ||
| rc4 | ||
| rsa | ||
| sha1 | ||
| sha256 | ||
| sha512 | ||
| subtle | ||
| tls | ||
| x509 | ||
| crypto.go | ||
| issue21104_test.go | ||