Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
crypto/x509: certificate with signature RMD160 shows wrong error message #5301
Comment 3 by email@example.com:
The package x509 does not support RMD160 for the signature algorithm. http://golang.org/pkg/crypto/x509/#SignatureAlgorithm However, somebody can to use OpenSSL to create a certificate with that signature and try to use it in Go; then you'll see the failure.
Comment 8 by firstname.lastname@example.org:
In the attachment, there are a stuff related to certificate built with SHA1 digest and another one with RPM160. To run the test: $ go run x509.go -rpmd client: dial: x509: certificate signed by unknown authority $ go run x509.go -sha1 November Rain result: true * * * Like you can check, when it is used the certificate with signature algorithm RMD160, it shows the error: x509: certificate signed by unknown authority
@bradfitz yes, it is still gives the same error
$ go run x509.go -rpmd client: dial: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: algorithm unimplemented" while trying to verify candidate authority certificate "Foo Certification Authority - RMD160") exit status 1
However this bug is a duplicate of #7735 opened by @agl (a year after that one), however @agl's bug and title are focused on fixing the actual problem which is an improved error message when the hash is not supported/wasn't compiled in.