Issue 5275047: code review 5275047: crypto/x509: keep the raw Subject and Issuer.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 5275047: code review 5275047: crypto/x509: keep the raw Subject and Issuer. (Closed)

Can't Edit
Can't Publish+Mail
Start Review

Created:
12 years, 6 months ago by agl1

Modified:
12 years, 6 months ago

Reviewers:

CC:
bradfitz, golang-dev

Visibility:
Public.

Description

crypto/x509: keep the raw Subject and Issuer. X509 names, like everything else X509, are ludicrously general. This change keeps the raw version of the subject and issuer around for matching. Since certificates use a distinguished encoding, comparing the encoding is the same as comparing the values directly. This came up recently when parsing the NSS built-in certificates which use the raw subject and issuer for matching trust records to certificates.

Patch Set 1 #

Patch Set 2 : diff -r 65ea102b8d02 https://go.googlecode.com/hg/ #

Patch Set 3 : diff -r 65ea102b8d02 https://go.googlecode.com/hg/ #

Patch Set 4 : diff -r 2ecc6b52d9d0 https://go.googlecode.com/hg/ #

Created: 12 years, 6 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+47 lines, -18 lines)			Patch
M	src/pkg/asn1/marshal.go	View	1	1 chunk	+8 lines, -4 lines	0 comments	Download
M	src/pkg/crypto/x509/cert_pool.go	View	1	4 chunks	+2 lines, -8 lines	0 comments	Download
M	src/pkg/crypto/x509/pkix/pkix.go	View	1	2 chunks	+3 lines, -0 lines	0 comments	Download
M	src/pkg/crypto/x509/verify_test.go	View	1	2 chunks	+5 lines, -0 lines	0 comments	Download
M	src/pkg/crypto/x509/x509.go	View	1	5 chunks	+29 lines, -6 lines	0 comments	Download

Messages

Total messages: 3

Expand All Messages | Collapse All Messages

agl1

Hello bradfitz@golang.org (cc: golang-dev@googlegroups.com), I'd like you to review this change to https://go.googlecode.com/hg/

12 years, 6 months ago (2011-10-14 17:25:41 UTC) #1

agl1

12 years, 6 months ago (2011-10-14 19:07:13 UTC) #3

*** Submitted as http://code.google.com/p/go/source/detail?r=af84b15fbae2 ***

crypto/x509: keep the raw Subject and Issuer.

X509 names, like everything else X509, are ludicrously general. This
change keeps the raw version of the subject and issuer around for
matching. Since certificates use a distinguished encoding, comparing
the encoding is the same as comparing the values directly. This came
up recently when parsing the NSS built-in certificates which use the
raw subject and issuer for matching trust records to certificates.

R=bradfitz
CC=golang-dev
http://codereview.appspot.com/5275047

Expand All Messages | Collapse All Messages