diff options
| author | Roland Shoemaker <roland@golang.org> | 2021-01-27 12:00:46 -0800 |
|---|---|---|
| committer | Roland Shoemaker <roland@golang.org> | 2021-01-27 21:04:09 +0000 |
| commit | 35334caf18cb35ecc7a43082b7bfcc7ce8d0de8f (patch) | |
| tree | 84781884f0370267fd903df68c66f327e7b23499 | |
| parent | a5a5e2c968eb14335f4e46606d8edfbdbdcea728 (diff) | |
| download | go-35334caf18cb35ecc7a43082b7bfcc7ce8d0de8f.tar.gz go-35334caf18cb35ecc7a43082b7bfcc7ce8d0de8f.zip | |
crypto/x509: remove leftover CertificateRequest field
Removes the KeyUsage field that was missed in the rollback in
CL 281235.
Also updates CreateCertificateRequest to reflect that these fields
were removed.
For #43407.
Updates #43477.
Updates #37172.
Change-Id: I6244aed4a3ef3c2460c38af5511e5c2e82546179
Reviewed-on: https://go-review.googlesource.com/c/go/+/287392
Trust: Alexander Rakoczy <alex@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
Trust: Dmitri Shuralyov <dmitshur@golang.org>
Run-TryBot: Alexander Rakoczy <alex@golang.org>
Reviewed-by: Alexander Rakoczy <alex@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
| -rw-r--r-- | src/crypto/x509/x509.go | 24 | ||||
| -rw-r--r-- | src/crypto/x509/x509_test.go | 4 |
2 files changed, 0 insertions, 28 deletions
diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go index 42d8158d63..8c0299b11e 100644 --- a/src/crypto/x509/x509.go +++ b/src/crypto/x509/x509.go @@ -1997,15 +1997,6 @@ func buildCSRExtensions(template *CertificateRequest) ([]pkix.Extension, error) }) } - if template.KeyUsage != 0 && - !oidInExtensions(oidExtensionKeyUsage, template.ExtraExtensions) { - ext, err := marshalKeyUsage(template.KeyUsage) - if err != nil { - return nil, err - } - ret = append(ret, ext) - } - return append(ret, template.ExtraExtensions...), nil } @@ -2371,7 +2362,6 @@ type CertificateRequest struct { Version int Signature []byte SignatureAlgorithm SignatureAlgorithm - KeyUsage KeyUsage PublicKeyAlgorithm PublicKeyAlgorithm PublicKey interface{} @@ -2501,15 +2491,6 @@ func parseCSRExtensions(rawAttributes []asn1.RawValue) ([]pkix.Extension, error) // - EmailAddresses // - IPAddresses // - URIs -// - KeyUsage -// - ExtKeyUsage -// - UnknownExtKeyUsage -// - BasicConstraintsValid -// - IsCA -// - MaxPathLen -// - MaxPathLenZero -// - SubjectKeyId -// - PolicyIdentifiers // - ExtraExtensions // - Attributes (deprecated) // @@ -2734,11 +2715,6 @@ func parseCertificateRequest(in *certificateRequest) (*CertificateRequest, error if err != nil { return nil, err } - case extension.Id.Equal(oidExtensionKeyUsage): - out.KeyUsage, err = parseKeyUsageExtension(extension.Value) - if err != nil { - return nil, err - } } } diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go index d5c7ec466b..51dda16815 100644 --- a/src/crypto/x509/x509_test.go +++ b/src/crypto/x509/x509_test.go @@ -2977,7 +2977,6 @@ func TestCertificateRequestRoundtripFields(t *testing.T) { EmailAddresses: []string{"a@example.com", "b@example.com"}, IPAddresses: []net.IP{net.IPv4(192, 0, 2, 0), net.IPv6loopback}, URIs: []*url.URL{urlA, urlB}, - KeyUsage: KeyUsageCertSign, } out := marshalAndParseCSR(t, in) @@ -2995,7 +2994,4 @@ func TestCertificateRequestRoundtripFields(t *testing.T) { if !reflect.DeepEqual(in.URIs, out.URIs) { t.Fatalf("Unexpected URIs: got %v, want %v", out.URIs, in.URIs) } - if in.KeyUsage != out.KeyUsage { - t.Fatalf("Unexpected KeyUsage: got %v, want %v", out.KeyUsage, in.KeyUsage) - } } |