MCPcopy
hub / github.com/XTLS/REALITY / unsupportedCertificateError

Function unsupportedCertificateError

auth.go:261–297  ·  view source on GitHub ↗

unsupportedCertificateError returns a helpful error for certificates with an unsupported private key.

(cert *Certificate)

Source from the content-addressed store, hash-verified

259// unsupportedCertificateError returns a helpful error for certificates with
260// an unsupported private key.
261func unsupportedCertificateError(cert *Certificate) error {
262 switch cert.PrivateKey.(type) {
263 case rsa.PrivateKey, ecdsa.PrivateKey:
264 return fmt.Errorf("tls: unsupported certificate: private key is %T, expected *%T",
265 cert.PrivateKey, cert.PrivateKey)
266 case *ed25519.PrivateKey:
267 return fmt.Errorf("tls: unsupported certificate: private key is *ed25519.PrivateKey, expected ed25519.PrivateKey")
268 }
269
270 signer, ok := cert.PrivateKey.(crypto.Signer)
271 if !ok {
272 return fmt.Errorf("tls: certificate private key (%T) does not implement crypto.Signer",
273 cert.PrivateKey)
274 }
275
276 switch pub := signer.Public().(type) {
277 case *ecdsa.PublicKey:
278 switch pub.Curve {
279 case elliptic.P256():
280 case elliptic.P384():
281 case elliptic.P521():
282 default:
283 return fmt.Errorf("tls: unsupported certificate curve (%s)", pub.Curve.Params().Name)
284 }
285 case *rsa.PublicKey:
286 return fmt.Errorf("tls: certificate RSA key size too small for supported signature algorithms")
287 case ed25519.PublicKey:
288 default:
289 return fmt.Errorf("tls: unsupported certificate key (%T)", pub)
290 }
291
292 if cert.SupportedSignatureAlgorithms != nil {
293 return fmt.Errorf("tls: peer doesn't support the certificate custom signature algorithms")
294 }
295
296 return fmt.Errorf("tls: internal error: unsupported key (%T)", cert.PrivateKey)
297}

Callers 2

SupportsCertificateMethod · 0.85
selectSignatureSchemeFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…