Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x509asn1: add some common ECDSA OIDs #13857

Closed
wants to merge 1 commit into from
Closed

Conversation

Bo98
Copy link
Contributor

@Bo98 Bo98 commented Jun 2, 2024

ecdsa-with-SHA256 and ecdsa-with-SHA384 are used by GitHub.com's certificate chain

See #13845

@bagder
Copy link
Member

bagder commented Jun 2, 2024

Do we actually need this once we merge #13858?

@Bo98
Copy link
Contributor Author

Bo98 commented Jun 2, 2024

It's not necessary in order to fix #13845, but I think it still has some value in that it slightly improves the output of curl -w '%{certs}'.

Before (assuming #13858 already is applied):

Signature Algorithm:1.2.840.10045.4.3.2

After:

Signature Algorithm:ecdsa-with-SHA256

Which is consistent with what we already do for RSA certs:

Signature Algorithm:sha384WithRSAEncryption

and with how it is displayed for other SSL backends that do OID mapping themselves.

So I'd see #13858 as the real bugfix for #13845 and this PR as a cosmetic enhancement for ECDSA certs.

@bagder bagder closed this in eacec9a Jun 2, 2024
@bagder
Copy link
Member

bagder commented Jun 2, 2024

Lovely, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Development

Successfully merging this pull request may close these issues.

None yet

2 participants