From e2348deeec9da2f0603bb6245c0dda0c721c9ec3 Mon Sep 17 00:00:00 2001 From: Mikkel Krautz Date: Mon, 11 Apr 2011 11:20:12 -0400 Subject: [PATCH] crypto/x509: expose complete DER data R=agl1 CC=golang-dev https://golang.org/cl/4376049 --- src/pkg/crypto/x509/x509.go | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go index 6825030d6f9..2a57f875837 100644 --- a/src/pkg/crypto/x509/x509.go +++ b/src/pkg/crypto/x509/x509.go @@ -90,6 +90,7 @@ func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte { // These structures reflect the ASN.1 structure of X.509 certificates.: type certificate struct { + Raw asn1.RawContent TBSCertificate tbsCertificate SignatureAlgorithm algorithmIdentifier SignatureValue asn1.BitString @@ -343,7 +344,8 @@ const ( // A Certificate represents an X.509 certificate. type Certificate struct { - Raw []byte // Raw ASN.1 DER contents. + Raw []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature). + RawTBSCertificate []byte // Certificate part of raw ASN.1 DER content. Signature []byte SignatureAlgorithm SignatureAlgorithm @@ -434,7 +436,7 @@ func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err os.Error) { return UnsupportedAlgorithmError{} } - h.Write(c.Raw) + h.Write(c.RawTBSCertificate) digest := h.Sum() return rsa.VerifyPKCS1v15(pub, hashType, digest, c.Signature) @@ -558,7 +560,8 @@ func parsePublicKey(algo PublicKeyAlgorithm, asn1Data []byte) (interface{}, os.E func parseCertificate(in *certificate) (*Certificate, os.Error) { out := new(Certificate) - out.Raw = in.TBSCertificate.Raw + out.Raw = in.Raw + out.RawTBSCertificate = in.TBSCertificate.Raw out.Signature = in.SignatureValue.RightAlign() out.SignatureAlgorithm = @@ -996,6 +999,7 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P } cert, err = asn1.Marshal(certificate{ + nil, c, algorithmIdentifier{oidSHA1WithRSA}, asn1.BitString{Bytes: signature, BitLength: len(signature) * 8},