crypto/x509: add signature verification to CreateCertificate
This changes checks the signature generated during CreateCertificate and returns an error if the verification fails. A benchmark is also added. For RSA keys the delta looks to be insignificant, but for ECDSA keys it introduces a much larger delta which is not ideal. name old time/op new time/op delta RSA_2048-8 1.38ms ± 6% 1.41ms ± 2% ~ (p=0.182 n=10) ECDSA_P256-8 42.6µs ± 4% 116.8µs ± 4% +174.00% (p=0.000 n=1 Fixes #40458 Change-Id: I22827795bb9bb6868b4fa47391927db1d3bc19a1 Reviewed-on: https://go-review.googlesource.com/c/go/+/259697 Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by:Filippo Valsorda <filippo@golang.org> Trust: Emmanuel Odeke <emm.odeke@gmail.com> Trust: Roland Shoemaker <roland@golang.org>
Loading
Please sign in to comment