atc0005 / check-cert

Go-based tooling to check/verify certs
MIT License

Certs signed with the SHA-1 hash function #219

Open atc0005 opened 3 years ago

atc0005 commented 3 years ago

From the Go 1.17 release notes:

Beginning in the next release, Go 1.18, crypto/x509 will reject certificates signed with the SHA-1 hash function. This doesn't apply to self-signed root certificates. Practical attacks against SHA-1 have been demonstrated in 2017 and publicly trusted Certificate Authorities have not issued SHA-1 certificates since 2015.

There are older certs that I have seen signed with the MD5 hash which were exposed with the certsum tool. If those certs are still supported, then we will likely need to support SHA-1 certs too.

atc0005 commented 2 years ago

From https://go.dev/doc/go1.18#sha1:

Rejecting SHA-1 certificates

crypto/x509 will now reject certificates signed with the SHA-1 hash function. This doesn't apply to self-signed root certificates. Practical attacks against SHA-1 have been demonstrated since 2017 and publicly trusted Certificate Authorities have not issued SHA-1 certificates since 2015.

This can be temporarily reverted by setting the GODEBUG=x509sha1=1 environment variable. This option will be removed in Go 1.19.

atc0005 commented 2 years ago

Potential relevant spot in the code to extend:

https://github.com/atc0005/check-cert/blob/f61c152df2bef61b6cf1f0ecec02152312338a5a/internal/certs/certs.go#L448-L450
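
An added example, not part of this thread and not check-cert's own code: one way to flag chain certificates signed with an MD5- or SHA-1-based algorithm while skipping self-issued roots, matching the exemption in the release notes quoted above. `FindWeakSignatures`, `WeakSigFinding` and `sampleChain` are hypothetical names, the sample certificates are constructed structs rather than real certs, and "self-signed" is approximated as issuer equal to subject on a CA cert.

```go
package main

import (
	"bytes"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
)

// Signature algorithms built on MD2, MD5 or SHA-1.
var weakSigAlgs = map[x509.SignatureAlgorithm]bool{
	x509.MD2WithRSA: true, x509.MD5WithRSA: true, x509.SHA1WithRSA: true,
	x509.DSAWithSHA1: true, x509.ECDSAWithSHA1: true,
}

// WeakSigFinding (hypothetical type) records one flagged certificate.
type WeakSigFinding struct{ Subject, Alg string }

// FindWeakSignatures (hypothetical helper) returns the certs in chain whose
// signature uses a weak hash. Assumption: a CA cert whose issuer equals its
// subject is treated as a self-signed root and skipped; no signature is verified.
func FindWeakSignatures(chain []*x509.Certificate) []WeakSigFinding {
	var out []WeakSigFinding
	for _, c := range chain {
		selfIssuedRoot := c.IsCA && bytes.Equal(c.RawIssuer, c.RawSubject)
		if !weakSigAlgs[c.SignatureAlgorithm] || selfIssuedRoot {
			continue
		}
		out = append(out, WeakSigFinding{c.Subject.CommonName, c.SignatureAlgorithm.String()})
	}
	return out
}

// sampleChain builds constructed (not real) certificate structs for the demo.
func sampleChain() []*x509.Certificate {
	mk := func(cn, issuer string, alg x509.SignatureAlgorithm, ca bool) *x509.Certificate {
		return &x509.Certificate{Subject: pkix.Name{CommonName: cn}, IsCA: ca,
			RawSubject: []byte(cn), RawIssuer: []byte(issuer), SignatureAlgorithm: alg}
	}
	return []*x509.Certificate{
		mk("leaf.example.test", "Example Intermediate", x509.SHA1WithRSA, false),
		mk("Example Intermediate", "Example Root", x509.MD5WithRSA, true),
		mk("Example Root", "Example Root", x509.SHA1WithRSA, true), // exempt root
	}
}

func main() {
	for _, f := range FindWeakSignatures(sampleChain()) {
		fmt.Printf("weak signature: %s (%s)\n", f.Subject, f.Alg)
	}
}
```

With certificates parsed from a live connection, the same check applies to each entry of the peer chain; only the constructed `RawSubject`/`RawIssuer` placeholders are specific to this sample.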

atc0005 commented 6 days ago

Looks like this is picking up steam (activity today):