crypto/x509: test for negative RSA parameters. Someone found software that generates negative numbers for the RSA modulus in an X.509 certificate. Our error messages were very poor in this case so this change improves that. Update #4728 Return more helpful errors when RSA parameters are negative or zero. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/7228072

commit: 5c659d736241f4904eb3d513f9f585397a3ed8af [log] [tgz]
author: Adam Langley <agl@golang.org> Thu Jan 31 12:54:37 2013 -0500
committer: Adam Langley <agl@golang.org> Thu Jan 31 12:54:37 2013 -0500
tree: fa7e61d87140e99e7c6f34edea2891565a9fb648
parent: 8b6534b78af791b80f371857a15d76bbc10fd012 [diff]
diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go
index 7983217..005d36d 100644
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go

@@ -660,6 +660,13 @@
 			return nil, err
 		}
 
+		if p.N.Sign() <= 0 {
+			return nil, errors.New("x509: RSA modulus is not a positive number")
+		}
+		if p.E <= 0 {
+			return nil, errors.New("x509: RSA public exponent is not a positive number")
+		}
+
 		pub := &rsa.PublicKey{
 			E: p.E,
 			N: p.N,
commit	5c659d736241f4904eb3d513f9f585397a3ed8af	[log] [tgz]
author	Adam Langley <agl@golang.org>	Thu Jan 31 12:54:37 2013 -0500
committer	Adam Langley <agl@golang.org>	Thu Jan 31 12:54:37 2013 -0500
tree	fa7e61d87140e99e7c6f34edea2891565a9fb648
parent	8b6534b78af791b80f371857a15d76bbc10fd012 [diff]