Skip to content
This repository has been archived by the owner on May 2, 2018. It is now read-only.

Commit

Permalink
crypto/x509: skip SHA2 system verify test if not supported.
Browse files Browse the repository at this point in the history 
Windows XP SP2 and Windows 2003 do not support SHA2.

Change-Id: Ica5faed040e9ced8b79fe78d512586e0e8788b3f
Reviewed-on: https://go-review.googlesource.com/8167
Run-TryBot: Brad Fitzpatrick <[email protected]>
TryBot-Result: Gobot Gobot <[email protected]>
Reviewed-by: Brad Fitzpatrick <[email protected]>
  • Loading branch information
@kardianos @bradfitz
kardianos authored and bradfitz committed Mar 30, 2015
1 parent 9e6f7aa commit cf7461c
Show file tree
Hide file tree
Showing 4 changed files with 35 additions and 0 deletions.
15 changes: 15 additions & 0 deletions src/crypto/x509/sha2_windows_test.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
// Copyright 2015 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package x509

import "internal/syscall/windows"

func init() {
if major, _ := windows.GetVersion(); major < 6 {
// Windows XP SP2 and Windows 2003 do not support SHA2.
// http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx
supportSHA2 = false
}
}
7 changes: 7 additions & 0 deletions src/crypto/x509/verify_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ import (
"time"
)

var supportSHA2 = true

type verifyTest struct {
leaf string
intermediates []string
Expand All @@ -23,6 +25,7 @@ type verifyTest struct {
systemSkip bool
keyUsages []ExtKeyUsage
testSystemRootsError bool
sha2 bool

errorCallback func(*testing.T, int, error) bool
expectedChains [][]string
Expand Down Expand Up @@ -218,6 +221,7 @@ var verifyTests = []verifyTest{
currentTime: 1397502195,
dnsName: "api.moip.com.br",

sha2: true,
expectedChains: [][]string{
{
"api.moip.com.br",
Expand Down Expand Up @@ -297,6 +301,9 @@ func testVerify(t *testing.T, useSystemRoots bool) {
if runtime.GOOS == "windows" && test.testSystemRootsError {
continue
}
if useSystemRoots && !supportSHA2 && test.sha2 {
continue
}

opts := VerifyOptions{
Intermediates: NewCertPool(),
Expand Down
6 changes: 6 additions & 0 deletions src/internal/syscall/windows/syscall_windows.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,7 @@ const (
//sys GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizeOfPointer *uint32) (errcode error) = iphlpapi.GetAdaptersAddresses

//sys GetComputerNameEx(nameformat uint32, buf *uint16, n *uint32) (err error) = GetComputerNameExW
//sys getVersion() (v uint32) = GetVersion

const (
ComputerNameNetBIOS = 0
Expand All @@ -109,3 +110,8 @@ const (
ComputerNamePhysicalDnsFullyQualified = 7
ComputerNameMax = 8
)

func GetVersion() (major, minor byte) {
low := uint16(getVersion())
return byte(low), byte(low >> 8)
}
7 changes: 7 additions & 0 deletions src/internal/syscall/windows/zsyscall_windows.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ var (

procGetAdaptersAddresses = modiphlpapi.NewProc("GetAdaptersAddresses")
procGetComputerNameExW = modkernel32.NewProc("GetComputerNameExW")
procGetVersion = modkernel32.NewProc("GetVersion")
)

func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizeOfPointer *uint32) (errcode error) {
Expand All @@ -34,3 +35,9 @@ func GetComputerNameEx(nameformat uint32, buf *uint16, n *uint32) (err error) {
}
return
}

func getVersion() (v uint32) {
r0, _, _ := syscall.Syscall(procGetVersion.Addr(), 0, 0, 0, 0)
v = uint32(r0)
return
}

0 comments on commit cf7461c

Please sign in to comment.