mirror of
https://github.com/golang/go
synced 2024-11-12 05:50:21 -07:00
crypto/x509: if a parent cert has a raw subject, use it.
This avoids a problem when creating certificates with parents that were produce by other code: the Go structures don't contain all the information about the various ASN.1 string types etc and so that information would otherwise be lost. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/5453067
This commit is contained in:
parent
ee8b597b1f
commit
02d1dae106
@ -927,10 +927,15 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P
|
||||
return
|
||||
}
|
||||
|
||||
asn1Issuer, err := asn1.Marshal(parent.Subject.ToRDNSequence())
|
||||
if err != nil {
|
||||
return
|
||||
var asn1Issuer []byte
|
||||
if len(parent.RawSubject) > 0 {
|
||||
asn1Issuer = parent.RawSubject
|
||||
} else {
|
||||
if asn1Issuer, err = asn1.Marshal(parent.Subject.ToRDNSequence()); err != nil {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence())
|
||||
if err != nil {
|
||||
return
|
||||
|
Loading…
Reference in New Issue
Block a user