crypto/x509: unwrap Subject Key Identifier

RFC 5280, 4.2.1.2 says: SubjectKeyIdentifier ::= KeyIdentifier KeyIdentifier ::= OCTET STRING Previously, we were failing to unwrap the second level of OCTET STRING encoding. Fixes #993. R=rsc CC=golang-dev https://golang.org/cl/1917044
author: Adam Langley <agl@golang.org> 2010-08-03 12:26:48 -0400
committer: Adam Langley <agl@golang.org> 2010-08-03 12:26:48 -0400
commit: 7748a7f159f43a7098dfdb170d26b152d8d5ba77 (patch)
tree: 05e0ed37eb48d61c304b22a3ceac398e1ddd3d2d /src/pkg
parent: 3f19d8ae8d9c1fd8bfbfadb3dda091a6147b8855 (diff)
download: go-7748a7f159f43a7098dfdb170d26b152d8d5ba77.tar.xz
1 files changed, 6 insertions, 1 deletions
diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go
index 728116850f..e4a05d3ef0 100644
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go
@@ -610,7 +610,12 @@ func parseCertificate(in *certificate) (*Certificate, os.Error) {
 
 			case 14:
 				// RFC 5280, 4.2.1.2
-				out.SubjectKeyId = e.Value
+				var keyid []byte
+				_, err = asn1.Unmarshal(&keyid, e.Value)
+				if err != nil {
+					return nil, err
+				}
+				out.SubjectKeyId = keyid
 				continue
 			}
 		}
author	Adam Langley <agl@golang.org>	2010-08-03 12:26:48 -0400
committer	Adam Langley <agl@golang.org>	2010-08-03 12:26:48 -0400
commit	7748a7f159f43a7098dfdb170d26b152d8d5ba77 (patch)
tree	05e0ed37eb48d61c304b22a3ceac398e1ddd3d2d /src/pkg
parent	3f19d8ae8d9c1fd8bfbfadb3dda091a6147b8855 (diff)
download	go-7748a7f159f43a7098dfdb170d26b152d8d5ba77.tar.xz