crypto/x509: parsing of certificates with exponent length > 32bit fails on GOARCH=386 #14129
1.) What version of Go are you using (go version)?
Most certificates use 65537 as exponent which works fine, however according to NIST
Simple go program containing a test certificate to reproduce the error:
@agl: I read your post regarding RSA exponent size and agree that there are likely no security benefits in using exponents larger than 2^31-1. However, I think it would be great if Go could handle certificates with reasonably large exponents for compatibility reasons. There is crypto hardware (e.g. some Athena smartcards) that generates RSA keys with larger randomly chosen exponents. That means that if they are used for issuer certificates in a PKI chain, Go programs will not be able to make TLS connections to any certificates signed by these issuers.
Such certificates work with OpenSSL (and therefore Python, Ruby, ...) and in current browsers (IE, Firefox, Chrome), which means that the PKI likely won't run into any problems with these certificates. And since they work "everywhere else", it might be easy for them to ignore the issue with Go compatibility.
OpenSSL limits the public exponent at 64 bits; maybe this would be a reasonable compromise between compatibility and performance for Go too?
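To see which keys in a PKI fall into the range discussed in this thread, the following added example (not code from the issue or from the Go project) decodes a PKCS#1 `RSAPublicKey` with the exponent held as a `*big.Int` and reports the integer width it needs. The names `ExponentClass` and `SampleKeyDER` are hypothetical, the sample keys are constructed with a toy modulus, and the 64-bit boundary is the limit the comment above attributes to OpenSSL.

```go
package main

import (
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
)

// rsaPublicKey mirrors PKCS#1 RSAPublicKey. The exponent is a *big.Int so
// decoding never depends on the width of the platform int.
type rsaPublicKey struct {
	N *big.Int
	E *big.Int
}

// ExponentClass decodes a DER RSAPublicKey and reports which integer width
// its public exponent needs.
func ExponentClass(der []byte) (string, error) {
	var pub rsaPublicKey
	rest, err := asn1.Unmarshal(der, &pub)
	if err != nil {
		return "", err
	}
	if len(rest) != 0 || pub.E.Sign() <= 0 {
		return "", errors.New("malformed RSA public key")
	}
	switch bits := pub.E.BitLen(); {
	case bits <= 31: // fits a signed 32-bit int, as on GOARCH=386
		return "int32", nil
	case bits <= 64: // within the 64-bit cap the comment attributes to OpenSSL
		return "64bit", nil
	default:
		return "over64", nil
	}
}

// SampleKeyDER builds a constructed test key: toy modulus, exponent from hex.
func SampleKeyDER(expHex string) []byte {
	e, ok := new(big.Int).SetString(expHex, 16)
	if !ok {
		panic("bad hex exponent")
	}
	der, err := asn1.Marshal(rsaPublicKey{N: big.NewInt(3233), E: e})
	if err != nil {
		panic(err)
	}
	return der
}

func main() {
	for _, h := range []string{"10001", "80000001", "10000000000000001"} {
		class, err := ExponentClass(SampleKeyDER(h))
		fmt.Println(h, class, err)
	}
}
```

Run over the issuer keys in a trust store, this flags the certificates whose exponent would not fit a 32-bit `int` before a 32-bit build meets them in a chain.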