diff options
| -rw-r--r-- | src/crypto/x509/x509.go | 24 | ||||
| -rw-r--r-- | src/crypto/x509/x509_test.go | 4 |
2 files changed, 0 insertions, 28 deletions
diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go index 42d8158d63..8c0299b11e 100644 --- a/src/crypto/x509/x509.go +++ b/src/crypto/x509/x509.go @@ -1997,15 +1997,6 @@ func buildCSRExtensions(template *CertificateRequest) ([]pkix.Extension, error) }) } - if template.KeyUsage != 0 && - !oidInExtensions(oidExtensionKeyUsage, template.ExtraExtensions) { - ext, err := marshalKeyUsage(template.KeyUsage) - if err != nil { - return nil, err - } - ret = append(ret, ext) - } - return append(ret, template.ExtraExtensions...), nil } @@ -2371,7 +2362,6 @@ type CertificateRequest struct { Version int Signature []byte SignatureAlgorithm SignatureAlgorithm - KeyUsage KeyUsage PublicKeyAlgorithm PublicKeyAlgorithm PublicKey interface{} @@ -2501,15 +2491,6 @@ func parseCSRExtensions(rawAttributes []asn1.RawValue) ([]pkix.Extension, error) // - EmailAddresses // - IPAddresses // - URIs -// - KeyUsage -// - ExtKeyUsage -// - UnknownExtKeyUsage -// - BasicConstraintsValid -// - IsCA -// - MaxPathLen -// - MaxPathLenZero -// - SubjectKeyId -// - PolicyIdentifiers // - ExtraExtensions // - Attributes (deprecated) // @@ -2734,11 +2715,6 @@ func parseCertificateRequest(in *certificateRequest) (*CertificateRequest, error if err != nil { return nil, err } - case extension.Id.Equal(oidExtensionKeyUsage): - out.KeyUsage, err = parseKeyUsageExtension(extension.Value) - if err != nil { - return nil, err - } } } diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go index d5c7ec466b..51dda16815 100644 --- a/src/crypto/x509/x509_test.go +++ b/src/crypto/x509/x509_test.go @@ -2977,7 +2977,6 @@ func TestCertificateRequestRoundtripFields(t *testing.T) { EmailAddresses: []string{"a@example.com", "b@example.com"}, IPAddresses: []net.IP{net.IPv4(192, 0, 2, 0), net.IPv6loopback}, URIs: []*url.URL{urlA, urlB}, - KeyUsage: KeyUsageCertSign, } out := marshalAndParseCSR(t, in) @@ -2995,7 +2994,4 @@ func TestCertificateRequestRoundtripFields(t *testing.T) { if !reflect.DeepEqual(in.URIs, out.URIs) { t.Fatalf("Unexpected URIs: got %v, want %v", out.URIs, in.URIs) } - if in.KeyUsage != out.KeyUsage { - t.Fatalf("Unexpected KeyUsage: got %v, want %v", out.KeyUsage, in.KeyUsage) - } } |