diff options
author | Mikkel Krautz <mikkel@krautz.dk> | 2011-04-11 11:20:12 -0400 |
---|---|---|
committer | Adam Langley <agl@golang.org> | 2011-04-11 11:20:12 -0400 |
commit | e2348deeec9da2f0603bb6245c0dda0c721c9ec3 (patch) | |
tree | 72b58276b5a988f10a75571ac4d2af9a51b88cb0 | |
parent | fe3dcfee274a41456187970f6059d091f9dbb525 (diff) | |
download | go-e2348deeec9da2f0603bb6245c0dda0c721c9ec3.tar.gz go-e2348deeec9da2f0603bb6245c0dda0c721c9ec3.zip |
crypto/x509: expose complete DER data
R=agl1
CC=golang-dev
https://golang.org/cl/4376049
-rw-r--r-- | src/pkg/crypto/x509/x509.go | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go index 6825030d6f..2a57f87583 100644 --- a/src/pkg/crypto/x509/x509.go +++ b/src/pkg/crypto/x509/x509.go @@ -90,6 +90,7 @@ func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte { // These structures reflect the ASN.1 structure of X.509 certificates.: type certificate struct { + Raw asn1.RawContent TBSCertificate tbsCertificate SignatureAlgorithm algorithmIdentifier SignatureValue asn1.BitString @@ -343,7 +344,8 @@ const ( // A Certificate represents an X.509 certificate. type Certificate struct { - Raw []byte // Raw ASN.1 DER contents. + Raw []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature). + RawTBSCertificate []byte // Certificate part of raw ASN.1 DER content. Signature []byte SignatureAlgorithm SignatureAlgorithm @@ -434,7 +436,7 @@ func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err os.Error) { return UnsupportedAlgorithmError{} } - h.Write(c.Raw) + h.Write(c.RawTBSCertificate) digest := h.Sum() return rsa.VerifyPKCS1v15(pub, hashType, digest, c.Signature) @@ -558,7 +560,8 @@ func parsePublicKey(algo PublicKeyAlgorithm, asn1Data []byte) (interface{}, os.E func parseCertificate(in *certificate) (*Certificate, os.Error) { out := new(Certificate) - out.Raw = in.TBSCertificate.Raw + out.Raw = in.Raw + out.RawTBSCertificate = in.TBSCertificate.Raw out.Signature = in.SignatureValue.RightAlign() out.SignatureAlgorithm = @@ -996,6 +999,7 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P } cert, err = asn1.Marshal(certificate{ + nil, c, algorithmIdentifier{oidSHA1WithRSA}, asn1.BitString{Bytes: signature, BitLength: len(signature) * 8}, |