defaultSupportedSignatureAlgorithmsCert returns the signature algorithms that the code advertises as supported for signatures in certificates. We include all algorithms, including SHA-1 and PKCS#1 v1.5, because it's more likely that something on our side will be willing to accept a *-with-SHA1 cert
()
| 54 | // choosing not to send it. crypto/x509 will refuse to verify important SHA-1 |
| 55 | // signatures anyway. |
| 56 | func defaultSupportedSignatureAlgorithmsCert() []SignatureScheme { |
| 57 | return []SignatureScheme{ |
| 58 | PSSWithSHA256, |
| 59 | ECDSAWithP256AndSHA256, |
| 60 | Ed25519, |
| 61 | PSSWithSHA384, |
| 62 | PSSWithSHA512, |
| 63 | PKCS1WithSHA256, |
| 64 | PKCS1WithSHA384, |
| 65 | PKCS1WithSHA512, |
| 66 | ECDSAWithP384AndSHA384, |
| 67 | ECDSAWithP521AndSHA512, |
| 68 | PKCS1WithSHA1, |
| 69 | ECDSAWithSHA1, |
| 70 | } |
| 71 | } |
| 72 | |
| 73 | //var tlsrsakex = godebug.New("tlsrsakex") |
| 74 | //var tls3des = godebug.New("tls3des") |
no outgoing calls
no test coverage detected
searching dependent graphs…