crypto/x509

return informative error if wrong type passed to MarshalPKIXPublicKeyNeedsFixhelp wanted

#32640 opened 1 week ago by mathieudevos

link Security.framework symbols without cgoNeedsFixOS-Darwin

#32604 opened 1 week ago by FiloSottile

unexpected name mismatch errorNeedsInvestigation

#31440 opened 2 months ago by sneis

encoding/asn1.ObjectIdentifier and crypto/x509.ParseCertificate do not support int > 31 bits, preventing support of OID 2.25 (/UUID) (follow-up on #19933)NeedsInvestigation

#30757 opened 3 months ago by vpelletier

RSAES-OAEP supportFeatureRequestNeedsInvestigation

#30416 opened 3 months ago by DenisKarch

certificates with AKID don't chain to parents without SKIDNeedsFix

#30079 opened 4 months ago by FiloSottile

DN OU orderingNeedsInvestigation

#29040 opened 6 months ago by rikkuness

verify checks root certificateNeedsInvestigation

#28971 opened 6 months ago by vit3k

(*Certificate).Equals panics for nil valuesNeedsDecision

#28743 opened 7 months ago by empijei

Insufficient verification of ServerName when certificate is wildcardNeedsFix

#27591 opened 9 months ago by int-tt

add functions to download certificates from windows update, and retrieve certificates from windows x509storesOS-WindowsProposalProposal-Crypto

#26950 opened 10 months ago by jeet-parekh

parse trust settings in root_nocgo_darwinNeedsFix

#26830 opened 10 months ago by FiloSottile

reduce memory usage when parsing system root certs?Performance

#26731 opened 10 months ago by bradfitz

add SubjectKeyId automatically when IsCA is trueNeedsFix

#26676 opened 11 months ago by FiloSottile

doc: clarify package is aimed towards Web PKI support DocumentationNeedsFix

#26624 opened 11 months ago by adamdecaf

Create typed versions of ParsePKCS8PrivateKeyNeedsInvestigation

#26485 opened 11 months ago by HaraldNordgren

reject UTF-8 namesNeedsFix

#26362 opened 11 months ago by FiloSottile

http.Response.TLS.VerifiedChains behavior changed in go1.9NeedsInvestigation

#24685 opened 1 year ago by nolith

multi-value RDN sequence is not properly DER-orderedNeedsFixrelease-blocker

#24254 opened 1 year ago by mrogers950

ensure CreateCertificate won't generate unparsable certificatesNeedsFix

#24156 opened 1 year ago by FiloSottile

NameConstraintsWithoutSANs when checking signing certificateNeedsFixProposal-Crypto

#24151 opened 1 year ago by thsnr

add support to get SSL context from certificate store on windowsOS-WindowsProposalProposal-Crypto

#23282 opened 2 years ago by tsaridas

Truncate DSA signed data's hash before verificationNeedsInvestigation

#22017 opened 2 years ago by Tasssadar

Provide a mechanism for accessing SRVNamesProposalProposal-Accepted

#21789 opened 2 years ago by SamWhited

does not notice if an RSA SignatureAlgorithm is missing parametersNeedsFix

#21118 opened 2 years ago by agl

AKI is left blank even for non-self-signed cert when subject matches CA's subject fieldNeedsInvestigation

#20002 opened 2 years ago by mikesmitty

TestSystemVerify flake on windowsBuildersOS-WindowsTestinghelp wanted

#19564 opened 2 years ago by josharian

FetchPEMRoots on macOS takes 20 seconds when there are a lot of trust settingsNeedsInvestigationOS-Darwinhelp wanted

#19561 opened 2 years ago by tbodt

make SystemCertPool work on Windows?NeedsFixOS-Windowshelp wanted

#16736 opened 2 years ago by bradfitz

CertificateRequest does not support attributes not covered by pkix.AttributeTypeAndValueSET

#15995 opened 3 years ago by groob

support DirectoryName name constraintsNeedsDecision

#15196 opened 3 years ago by vanbroup

no support for parsing encrypted PKCS8 private keysFeatureRequest

#8860 opened 4 years ago by gopherbot

add more detail to the error message arising from a missing hash function.NeedsFixhelp wanted

#7735 opened 5 years ago by agl