Skip to content

x/crypto/ssh: clarify CertChecker.CheckCert usage #58840

Open
@rolandshoemaker

Description

@rolandshoemaker

CertChecker.CheckCert has a slightly confusing API, as it appears on the surface as the primary method on the type, but it doesn't actually authenticate the certificate at all, rather it validates the contents and should generally be called after CertChecker.Authenticate. In particular the doc comment refers to checking "the signature of the certificate" is perhaps somewhat misleading, since this simply checks that the self-signature on the certificate is valid (both signature and key are attacker controlled, so don't actually impart any trust).

At the minimum we should update the doc comment to be clearer about what it actually does, and that it succeeding does not infer any trust.

cc @FiloSottile

Metadata

Metadata

Assignees

No one assigned

    Labels

    NeedsFixThe path to resolution is known, but the work has not been done.

    Type

    No type

    Projects

    No projects

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions