• Adam Langley's avatar
    crypto/x509: provide better error messages for X.509 verify failures. · b419e2b5
    Adam Langley authored
    Failures caused by errors like invalid signatures or missing hash
    functions cause rather generic, unhelpful error messages because no
    trust chain can be constructed: "x509: certificate signed by unknown
    authority."
    
    With this change, authority errors may contain the reason why an
    arbitary candidate step in the chain was rejected. For example, in the
    event of a missing hash function the error looks like:
    
    x509: certificate signed by unknown authority (possibly because of
    "crypto/x509: cannot verify signature: algorithm unimplemented" while
    trying to verify candidate authority certificate 'Thawte SGC CA')
    
    Fixes 5058.
    
    R=golang-dev, r
    CC=golang-dev
    https://golang.org/cl/9104051
    b419e2b5
Name
Last commit
Last update
..
pkix Loading commit data...
cert_pool.go Loading commit data...
pem_decrypt.go Loading commit data...
pem_decrypt_test.go Loading commit data...
pkcs1.go Loading commit data...
pkcs8.go Loading commit data...
pkcs8_test.go Loading commit data...
root.go Loading commit data...
root_darwin.go Loading commit data...
root_plan9.go Loading commit data...
root_stub.go Loading commit data...
root_unix.go Loading commit data...
root_windows.go Loading commit data...
sec1.go Loading commit data...
sec1_test.go Loading commit data...
verify.go Loading commit data...
verify_test.go Loading commit data...
x509.go Loading commit data...
x509_test.go Loading commit data...