cybercyst/go
1
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-05-31 04:02:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

crypto/tls,crypto/x509: clarify certificate ownership

Browse Source 
Clarify documentation in cases where certificates returned from
various methods are not owned by the caller, and as such should not
be modified.

Change-Id: I06bdc4cf0f686c3d5e8bbb76fc71f2a4bdb955e3
Reviewed-on: https://go-review.googlesource.com/c/go/+/427155
Auto-Submit: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
This commit is contained in:
Roland Shoemaker 2022-08-31 12:24:21 -07:00 committed by Gopher Robot
parent 5a3900b23c
commit ffa03f6bac
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/crypto/tls/common.go
View File

@ -246,6 +246,8 @@ type ConnectionState struct {
// On the client side, it can't be empty. On the server side, it can be // On the client side, it can't be empty. On the server side, it can be
// empty if Config.ClientAuth is not RequireAnyClientCert or // empty if Config.ClientAuth is not RequireAnyClientCert or
// RequireAndVerifyClientCert. // RequireAndVerifyClientCert.
//
// PeerCertificates and its contents should not be modified.
PeerCertificates []*x509.Certificate PeerCertificates []*x509.Certificate
// VerifiedChains is a list of one or more chains where the first element is // VerifiedChains is a list of one or more chains where the first element is
@ -255,6 +257,8 @@ type ConnectionState struct {
// On the client side, it's set if Config.InsecureSkipVerify is false. On // On the client side, it's set if Config.InsecureSkipVerify is false. On
// the server side, it's set if Config.ClientAuth is VerifyClientCertIfGiven // the server side, it's set if Config.ClientAuth is VerifyClientCertIfGiven
// (and the peer provided a certificate) or RequireAndVerifyClientCert. // (and the peer provided a certificate) or RequireAndVerifyClientCert.
//
// VerifiedChains and its contents should not be modified.
VerifiedChains [][]*x509.Certificate VerifiedChains [][]*x509.Certificate
// SignedCertificateTimestamps is a list of SCTs provided by the peer // SignedCertificateTimestamps is a list of SCTs provided by the peer
@ -554,6 +558,8 @@ type Config struct {
// If GetCertificate is nil or returns nil, then the certificate is // If GetCertificate is nil or returns nil, then the certificate is
// retrieved from NameToCertificate. If NameToCertificate is nil, the // retrieved from NameToCertificate. If NameToCertificate is nil, the
// best element of Certificates will be used. // best element of Certificates will be used.
//
// Once a Certificate is returned it should not be modified.
GetCertificate func(*ClientHelloInfo) (*Certificate, error) GetCertificate func(*ClientHelloInfo) (*Certificate, error)
// GetClientCertificate, if not nil, is called when a server requests a // GetClientCertificate, if not nil, is called when a server requests a
@ -569,6 +575,8 @@ type Config struct {
// //
// GetClientCertificate may be called multiple times for the same // GetClientCertificate may be called multiple times for the same
// connection if renegotiation occurs or if TLS 1.3 is in use. // connection if renegotiation occurs or if TLS 1.3 is in use.
//
// Once a Certificate is returned it should not be modified.
GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error) GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error)
// GetConfigForClient, if not nil, is called after a ClientHello is // GetConfigForClient, if not nil, is called after a ClientHello is
@ -597,6 +605,8 @@ type Config struct {
// setting InsecureSkipVerify, or (for a server) when ClientAuth is // setting InsecureSkipVerify, or (for a server) when ClientAuth is
// RequestClientCert or RequireAnyClientCert, then this callback will // RequestClientCert or RequireAnyClientCert, then this callback will
// be considered but the verifiedChains argument will always be nil. // be considered but the verifiedChains argument will always be nil.
//
// verifiedChains and its contents should not be modified.
VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
// VerifyConnection, if not nil, is called after normal certificate // VerifyConnection, if not nil, is called after normal certificate

2
src/crypto/x509/verify.go
View File

@ -745,6 +745,8 @@ func (c *Certificate) isValid(certType int, currentChain []*Certificate, opts *V
// Certificates that use SHA1WithRSA and ECDSAWithSHA1 signatures are not supported, // Certificates that use SHA1WithRSA and ECDSAWithSHA1 signatures are not supported,
// and will not be used to build chains. // and will not be used to build chains.
// //
// Certificates other than c in the returned chains should not be modified.
//
// WARNING: this function doesn't do any revocation checking. // WARNING: this function doesn't do any revocation checking.
func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err error) { func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err error) {
// Platform-specific verification needs the ASN.1 contents so // Platform-specific verification needs the ASN.1 contents so