mirror of
https://github.com/golang/go
synced 2024-11-13 18:00:30 -07:00
crypto/x509: if a parent cert has a raw subject, use it.
This avoids a problem when creating certificates with parents that were produce by other code: the Go structures don't contain all the information about the various ASN.1 string types etc and so that information would otherwise be lost. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/5453067
This commit is contained in:
parent
ee8b597b1f
commit
02d1dae106
@ -927,10 +927,15 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
asn1Issuer, err := asn1.Marshal(parent.Subject.ToRDNSequence())
|
var asn1Issuer []byte
|
||||||
if err != nil {
|
if len(parent.RawSubject) > 0 {
|
||||||
return
|
asn1Issuer = parent.RawSubject
|
||||||
|
} else {
|
||||||
|
if asn1Issuer, err = asn1.Marshal(parent.Subject.ToRDNSequence()); err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence())
|
asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
Loading…
Reference in New Issue
Block a user