
Support PKCS1 with MD5SHA1 #75

Merged (2 commits) Nov 25, 2024
Conversation

qmuntal (Member) commented Nov 25, 2024

The MD5SHA1 hash is not supported by CNG, but the AlgId field is only used to pad the signature with the hash OID, and PKCS1 has historically used a null OID for MD5SHA1.

This is a special case for compatibility with TLS 1.0/1.1. We were previously falling back to Go crypto.

While here, add a check that verifies the length of the hashed message is correct for the given hash function. This was previously done by CNG, but CNG won't check this property for MD5SHA1 digests, so we need to do it ourselves. It is also a nice usability improvement, as we now return the same error message as upstream for this error condition.
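As an added illustration (not code from this PR or from the go-crypto-winnative project), the two points in the description above, worked through with Go's standard library, which is the fallback path the PR mentions: the MD5SHA1 digest is MD5 || SHA-1 (36 bytes), PKCS#1 v1.5 places it in the encoded message with no DigestInfo/OID prefix, and a digest of the wrong length must be rejected before signing. All function names here are this example's own.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"errors"
	"math/big"
)

// digestMD5SHA1 builds the TLS 1.0/1.1 signature input: MD5(msg) || SHA-1(msg), 36 bytes.
func digestMD5SHA1(msg []byte) []byte {
	m, s := md5.Sum(msg), sha1.Sum(msg)
	return append(m[:], s[:]...)
}

// checkHashedLen is the length check the PR adds: the digest must be exactly
// h.Size() bytes (36 for crypto.MD5SHA1). The error text is upstream crypto/rsa's.
func checkHashedLen(h crypto.Hash, hashed []byte) error {
	if len(hashed) != h.Size() {
		return errors.New("crypto/rsa: input must be hashed message")
	}
	return nil
}

// bareDigestInEM recovers EM = sig^e mod n (a public operation, nothing secret) and
// reports whether the digest follows the 0x00 separator directly, i.e. with no
// DigestInfo/OID prefix: the "null OID" that PKCS#1 uses for MD5SHA1.
func bareDigestInEM(pub *rsa.PublicKey, sig, digest []byte) bool {
	em := new(big.Int).Exp(new(big.Int).SetBytes(sig), big.NewInt(int64(pub.E)), pub.N).Bytes()
	return bytes.HasSuffix(em, digest) && em[len(em)-len(digest)-1] == 0x00
}

// signAndCheck signs msg with PKCS#1 v1.5 + MD5SHA1 via Go crypto (the fallback
// the PR replaces) and reports whether it verifies and whether EM holds a bare digest.
func signAndCheck(priv *rsa.PrivateKey, msg []byte) (verified, bare bool, err error) {
	digest := digestMD5SHA1(msg)
	if err = checkHashedLen(crypto.MD5SHA1, digest); err != nil {
		return false, false, err
	}
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.MD5SHA1, digest)
	if err != nil {
		return false, false, err
	}
	verified = rsa.VerifyPKCS1v15(&priv.PublicKey, crypto.MD5SHA1, digest, sig) == nil
	return verified, bareDigestInEM(&priv.PublicKey, sig, digest), nil
}
```

Call signAndCheck with a freshly generated 2048-bit key to see both checks pass; handing checkHashedLen a 20-byte digest for crypto.MD5SHA1 returns the upstream error.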

@karianna karianna merged commit 550ad80 into main Nov 25, 2024
17 checks passed
qmuntal (Member, Author) commented Dec 11, 2024

For microsoft/go#1416.

@dagood dagood deleted the rsamd5sha1 branch December 11, 2024 18:51