diff options
author | Adam Langley <agl@golang.org> | 2011-12-06 16:42:48 -0500 |
---|---|---|
committer | Adam Langley <agl@golang.org> | 2011-12-06 16:42:48 -0500 |
commit | 02d1dae1069f881ea6b53ecc3cbf3bbe3ac40a72 (patch) | |
tree | 99db9c485d304682c3b1ab429e10d4df25e13fd7 | |
parent | ee8b597b1f1ffa634189cdd8ab23f976f65dab7f (diff) | |
download | go-02d1dae1069f881ea6b53ecc3cbf3bbe3ac40a72.tar.gz go-02d1dae1069f881ea6b53ecc3cbf3bbe3ac40a72.zip |
crypto/x509: if a parent cert has a raw subject, use it.
This avoids a problem when creating certificates with parents that
were produce by other code: the Go structures don't contain all the
information about the various ASN.1 string types etc and so that
information would otherwise be lost.
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5453067
-rw-r--r-- | src/pkg/crypto/x509/x509.go | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go index 7e6b5c96f5..65ca315800 100644 --- a/src/pkg/crypto/x509/x509.go +++ b/src/pkg/crypto/x509/x509.go @@ -927,10 +927,15 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P return } - asn1Issuer, err := asn1.Marshal(parent.Subject.ToRDNSequence()) - if err != nil { - return + var asn1Issuer []byte + if len(parent.RawSubject) > 0 { + asn1Issuer = parent.RawSubject + } else { + if asn1Issuer, err = asn1.Marshal(parent.Subject.ToRDNSequence()); err != nil { + return + } } + asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence()) if err != nil { return |