crypto/x509: unwrap Subject Key Identifier

RFC 5280, 4.2.1.2 says: SubjectKeyIdentifier ::= KeyIdentifier KeyIdentifier ::= OCTET STRING Previously, we were failing to unwrap the second level of OCTET STRING encoding. Fixes #993. R=rsc CC=golang-dev https://golang.org/cl/1917044

crypto/x509: unwrap Subject Key Identifier
RFC 5280, 4.2.1.2 says: SubjectKeyIdentifier ::= KeyIdentifier KeyIdentifier ::= OCTET STRING Previously, we were failing to unwrap the second level of OCTET STRING encoding. Fixes #993. R=rsc CC=golang-dev https://golang.org/cl/1917044
7748a7f1 · Adam Langley · 3f19d8ae · 7748a7f1
Commit 7748a7f1 authored Aug 03, 2010 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

src/pkg/crypto/x509/x509.go src/pkg/crypto/x509/x509.go +6 -1

No files found.
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go
@@ -610,7 +610,12 @@ func parseCertificate(in *certificate) (*Certificate, os.Error) {

 			case 14:
 				// RFC 5280, 4.2.1.2
-				out.SubjectKeyId = e.Value
+				var keyid []byte
+				_, err = asn1.Unmarshal(&keyid, e.Value)
+				if err != nil {
+					return nil, err
+				}
+				out.SubjectKeyId = keyid
 				continue
 			}
 		}