commit | 51f41688126afa1de7c4621777189bda17fd3090 | [log] [tgz] |
---|---|---|
author | Roland Shoemaker <rolandshoemaker@gmail.com> | Sun May 10 11:23:58 2020 -0700 |
committer | Roland Shoemaker <roland@golang.org> | Mon Nov 09 17:24:38 2020 +0000 |
tree | 43c866ed94c2c57d51901dbdaa99011f30e6e0ef | |
parent | cfea52b04c18761f9cc3168eff00690155aa6d17 [diff] |
crypto/x509: add additional convenience fields to CertificateRequest Adds the following additional convenience fields to CertificateRequest: * KeyUsage * ExtKeyUsage * UnknownExtKeyUsage * IsCA * MaxPathLen * BasicConstraintsValid * MaxPathLenZero * SubjectKeyId * PolicyIdentifier These fields are parsed during ParseCertificateRequest and marshalled during CreateCertificateRequest. The parsing/marshalling code is factored out of parseCertificate and buildExtensions (which is renamed buildCertExtensions). This has the side effect of making these methods somewhat easier to read. Documentation for the fields is copied from Certificate. Example CSR created with all of these fields parsed with openssl: $ openssl req -in ~/test-csr.pem -noout -text Certificate Request: Data: Version: 0 (0x0) Subject: Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:a4:cb:64:35:8e:dd:8c:2b:a6:f1:aa:39:d1:be: d0:b9:95:1e:59:19:82:76:28:d3:85:1b:c6:88:62: e1:15:33:be:26:18:80:14:fe:f4:d4:91:66:4e:a4: a4:47:bd:53:db:f7:2e:e3:31:ce:5f:86:cb:92:59: 93:bb:d0:7f:a2 ASN1 OID: prime256v1 NIST CURVE: P-256 Attributes: Requested Extensions: X509v3 Key Usage: critical Certificate Sign X509v3 Extended Key Usage: Any Extended Key Usage, 1.2.3 X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 X509v3 Subject Key Identifier: 01:02:03 X509v3 Certificate Policies: Policy: 1.2.3 Signature Algorithm: ecdsa-with-SHA256 30:45:02:21:00:a7:88:e5:96:d4:ad:ae:24:26:ab:5f:15:6a: 3f:22:6d:0e:a6:ba:15:64:8d:78:34:f4:c4:7d:ac:37:b0:2a: 84:02:20:68:44:f0:8e:8a:1b:c1:68:be:14:a6:e3:83:41:fd: 2d:cc:00:aa:bc:50:f6:50:56:12:9e:a4:09:84:5c:bf:c1 Fixes #37172 Change-Id: Ife79d01e203827ef0ac3c787aa13c00d0751a1ec Reviewed-on: https://go-review.googlesource.com/c/go/+/233163 Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> Trust: Katie Hockman <katie@golang.org> Trust: Roland Shoemaker <roland@golang.org>
Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
Gopher image by Renee French, licensed under Creative Commons 3.0 Attributions license.
Our canonical Git repository is located at https://go.googlesource.com/go. There is a mirror of the repository at https://github.com/golang/go.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Official binary distributions are available at https://golang.org/dl/.
After downloading a binary release, visit https://golang.org/doc/install or load doc/install.html in your web browser for installation instructions.
If a binary distribution is not available for your combination of operating system and architecture, visit https://golang.org/doc/install/source or load doc/install-source.html in your web browser for source installation instructions.
Go is the work of thousands of contributors. We appreciate your help!
To contribute, please read the contribution guidelines: https://golang.org/doc/contribute.html
Note that the Go project uses the issue tracker for bug reports and proposals only. See https://golang.org/wiki/Questions for a list of places to ask questions about the Go language.