crypto/x509: follow OpenSSL and emit Extension structures directly in CSRs. - go - Fork of Go programming language with my patches.

diff options

author	Adam Langley <agl@golang.org>	2017-10-13 14:46:06 -0700
committer	Adam Langley <agl@golang.org>	2018-03-22 18:58:11 +0000
commit	0b37f05d8dc17a52a9ac1fc827075cd36fe977bb (patch)
tree	8a9f742a2ba7f87265a077fea83cb5941b3abcbc /src/cmd/vendor/github.com
parent	c529141d72d83d563a9cf5cdf366dc9b6993121e (diff)
download	go-0b37f05d8dc17a52a9ac1fc827075cd36fe977bb.tar.xz

crypto/x509: follow OpenSSL and emit Extension structures directly in CSRs.

I don't know if I got lost in the old PKCS documents, or whether this is a case where reality diverges from the spec, but OpenSSL clearly stuffs PKIX Extension objects in CSR attributues directly[1]. In either case, doing what OpenSSL does seems valid here and allows the critical flag in extensions to be serialised. Fixes #13739. [1] https://github.com/openssl/openssl/blob/e3713c365c2657236439fea00822a43aa396d112/crypto/x509/x509_req.c#L173 Change-Id: Ic1e73ba9bd383a357a2aa8fc4f6bd76811bbefcc Reviewed-on: https://go-review.googlesource.com/70851 Run-TryBot: Adam Langley <agl@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org>

Diffstat (limited to 'src/cmd/vendor/github.com')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: