Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dev.boringcrypto: crypto/tls: in boring.go, RSA key sizes restricted to 2048 and 3072 #41147

riraccuia opened this issue Aug 31, 2020 · 4 comments


Copy link

@riraccuia riraccuia commented Aug 31, 2020

Is there a reason why the IsBoringCertificate() check would not allow RSA key sizes > 3072 ?

Specifically, I am trying to establish a TLS connection to a corporate server that has an intermediate CA whose key size is 4096 and it throws:
tls handshake failed: x509: certificate specifies an incompatible key usage

Seems like this was recently discussed in golang-nuts ( ) but i found no open issue here.


Copy link

@FiloSottile FiloSottile commented Aug 31, 2020

@agl, it looks like there's a good argument for NIST having clarified they'll take 4096. Should we allow it?

@dmitshur dmitshur changed the title dev.boringcrypto - /crypto/tls/boring.go RSA key sizes restricted to 2048 and 3072 dev.boringcrypto: crypto/tls: in boring.go, RSA key sizes restricted to 2048 and 3072 Sep 1, 2020
@dmitshur dmitshur added this to the Backlog milestone Sep 1, 2020
Copy link

@kumpfdp kumpfdp commented Sep 2, 2020

This would be great to be included. Today, we're having to manually apply a patch to that line of code.

Copy link

@agl agl commented Sep 15, 2020

Having looked into this, it doesn't appear that allowing other modulus sizes is strictly compliant with the current validation. However, future validations can be updated to take advantage of the increased flexibility now allowed by the IG. We expect to do this, but have no timelines to announce and do not currently have a revalidation in progress.

Copy link

@sfc-gh-dwu sfc-gh-dwu commented May 11, 2021

It's 2021 now, any update on when we can get 4096bit validated?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
6 participants