diff options
Diffstat (limited to 'src/crypto/tls/handshake_client.go')
-rw-r--r-- | src/crypto/tls/handshake_client.go | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go index 0ef87d4d77..0bb6a0aaef 100644 --- a/src/crypto/tls/handshake_client.go +++ b/src/crypto/tls/handshake_client.go @@ -17,8 +17,10 @@ import ( "errors" "fmt" "hash" + "internal/godebug" "io" "net" + "strconv" "strings" "time" ) @@ -857,9 +859,20 @@ func (hs *clientHandshakeState) sendFinished(out []byte) error { return nil } -// maxRSAKeySize is the maximum RSA key size in bits that we are willing +// defaultMaxRSAKeySize is the maximum RSA key size in bits that we are willing // to verify the signatures of during a TLS handshake. -const maxRSAKeySize = 8192 +const defaultMaxRSAKeySize = 8192 + +var tlsmaxrsasize = godebug.New("tlsmaxrsasize") + +func checkKeySize(n int) (max int, ok bool) { + if v := tlsmaxrsasize.Value(); v != "" { + if max, err := strconv.Atoi(v); err == nil { + return max, n <= max + } + } + return defaultMaxRSAKeySize, n <= defaultMaxRSAKeySize +} // verifyServerCertificate parses and verifies the provided chain, setting // c.verifiedChains and c.peerCertificates or sending the appropriate alert. @@ -872,9 +885,12 @@ func (c *Conn) verifyServerCertificate(certificates [][]byte) error { c.sendAlert(alertBadCertificate) return errors.New("tls: failed to parse certificate from server: " + err.Error()) } - if cert.cert.PublicKeyAlgorithm == x509.RSA && cert.cert.PublicKey.(*rsa.PublicKey).N.BitLen() > maxRSAKeySize { - c.sendAlert(alertBadCertificate) - return fmt.Errorf("tls: server sent certificate containing RSA key larger than %d bits", maxRSAKeySize) + if cert.cert.PublicKeyAlgorithm == x509.RSA { + n := cert.cert.PublicKey.(*rsa.PublicKey).N.BitLen() + if max, ok := checkKeySize(n); !ok { + c.sendAlert(alertBadCertificate) + return fmt.Errorf("tls: server sent certificate containing RSA key larger than %d bits", max) + } } activeHandles[i] = cert certs[i] = cert.cert |