crypto/tls: message too long for RSA public key size #10725
Comments
Is this still happening? I tried to get Docker running but failed ("There are no more loopback devices available."). I would assume that this is caused because the test keys are 512-bit, but the keys in the source appear to be 2048 and I don't see any problematically short ones.
Brad, is this still happening? Regardless, the bug is likely in crypto/tls not crypto/rsa.
Yes, this is still happening at tip, and is a regression from Go 1.4.
The negotiated cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. Signing fails because the message to sign (pkcs overhead + hash) is now > 512 bits and a 512-bit RSA key is used. The problem disappears if the test cert/key in net/http/httptest/server.go are
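The length problem described in the comment above, as an added example that is not part of the original thread or of Go's own code: it implements the EMSA-PKCS1-v1_5 encoding step from RFC 8017 section 9.2 directly, so no RSA key is needed, and shows that SHA-384 needs 78 bytes while a 512-bit modulus offers 64. The function name, error value and sample message are constructed for illustration.

```go
package main

import (
	"crypto"
	_ "crypto/sha256" // registers SHA-256
	_ "crypto/sha512" // registers SHA-384
	"errors"
	"fmt"
)

// DER DigestInfo prefixes from RFC 8017, section 9.2, note 1 (19 bytes each).
var digestInfoPrefix = map[crypto.Hash][]byte{
	crypto.SHA256: {0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20},
	crypto.SHA384: {0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30},
}
var errTooShort = errors.New("intended encoded message length too short")

// emsaPKCS1v15 (hypothetical helper) builds the block that RSA would sign:
// EM = 0x00 || 0x01 || PS || 0x00 || DigestInfo, PS = at least 8 bytes of 0xff.
func emsaPKCS1v15(h crypto.Hash, msg []byte, keyBits int) ([]byte, error) {
	prefix, ok := digestInfoPrefix[h]
	if !ok {
		return nil, errors.New("unsupported hash")
	}
	hh := h.New()
	hh.Write(msg)
	t := append(append([]byte{}, prefix...), hh.Sum(nil)...)
	k := (keyBits + 7) / 8 // modulus length in bytes
	if k < len(t)+11 {     // 3 framing bytes + 8 bytes minimum padding
		return nil, fmt.Errorf("%w: need %d bytes, modulus has %d", errTooShort, len(t)+11, k)
	}
	em := make([]byte, k)
	em[1] = 0x01
	for i := 2; i < k-len(t)-1; i++ {
		em[i] = 0xff
	}
	copy(em[k-len(t):], t)
	return em, nil
}

func main() {
	msg := []byte("constructed stand-in for the signed handshake parameters")
	for _, h := range []crypto.Hash{crypto.SHA256, crypto.SHA384} {
		for _, bits := range []int{512, 2048} {
			_, err := emsaPKCS1v15(h, msg, bits)
			fmt.Printf("%v with %d-bit key: err=%v\n", h, bits, err)
		}
	}
}
```

SHA-256 still fits a 512-bit key (62 of 64 bytes), which is why the failure only appeared once SHA-384 signatures were negotiated.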
Thanks @ebfe. Okay, I can update httptest.
CL https://golang.org/cl/11720 mentions this issue.
The github.com/bradfitz/http2 curl interop tests (which require Docker; see the Makefile) stopped working as of SHA-384 signatures in 1c10598. In this test, curl running in a Docker container connects to Go over TLS on localhost. I don't know what TLS configuration curl is trying to use.