bump: x509 - turns out the ~sloppy keys werent sloppy

From ocaml/opam-repository@cf51d08 : * BREAKING Remove `~sloppy` from Private_key.decode_{pem,der}. The seemingly bad RSA keys were valid and should have been accepted by mirage-crypto. (mirleft/ocaml-x509#142 by @psafont)
imandra-ai · Sep 17, 2021 · a75b753 · a75b753
1 parent 11c04c2
commit a75b753
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 5 deletions.
diff --git a/gcloud.opam b/gcloud.opam
@@ -24,6 +24,6 @@ depends: [
   "ppx_deriving_yojson"
   "ppx_here" {test}
   "ssl"
-  "x509" { >= "0.11.2" } # Required for the ~sloppy arg
+  "x509" { >= "0.12.0" } # Required for the ~sloppy:true arg becoming the default
   "yojson"
 ]
diff --git a/src/auth.ml b/src/auth.ml
@@ -315,10 +315,6 @@ let access_token_of_credentials
         let now = Unix.time () in
         Cstruct.of_string c.private_key
         |> X509.Private_key.decode_pem
-           (* Some Gcloud RSA private keys have an invalid [d]. [sloppy:true]
-              will re-create the key from the primes [e], [p] and [q] if that is
-              the case. *)
-             ~sloppy:true
         |> CCResult.map_err (function `Msg msg -> `Bad_credentials_priv_key msg)
         |> Lwt.return
         >>= fun (`RSA priv_key) ->