1
0
mirror of https://github.com/golang/go synced 2024-11-25 01:08:02 -07:00

crypto/x509: if a parent cert has a raw subject, use it.

This avoids a problem when creating certificates with parents that
were produce by other code: the Go structures don't contain all the
information about the various ASN.1 string types etc and so that
information would otherwise be lost.

R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5453067
This commit is contained in:
Adam Langley 2011-12-06 16:42:48 -05:00
parent ee8b597b1f
commit 02d1dae106

View File

@ -927,10 +927,15 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P
return
}
asn1Issuer, err := asn1.Marshal(parent.Subject.ToRDNSequence())
if err != nil {
return
var asn1Issuer []byte
if len(parent.RawSubject) > 0 {
asn1Issuer = parent.RawSubject
} else {
if asn1Issuer, err = asn1.Marshal(parent.Subject.ToRDNSequence()); err != nil {
return
}
}
asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence())
if err != nil {
return