crypto/x509: if a parent cert has a raw subject, use it.

This avoids a problem when creating certificates with parents that were produce by other code: the Go structures don't contain all the information about the various ASN.1 string types etc and so that information would otherwise be lost. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/5453067

crypto/x509: if a parent cert has a raw subject, use it.
This avoids a problem when creating certificates with parents that were produce by other code: the Go structures don't contain all the information about the various ASN.1 string types etc and so that information would otherwise be lost. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/5453067
02d1dae1 · Adam Langley · ee8b597b · 02d1dae1
Commit 02d1dae1 authored Dec 06, 2011 by Adam Langley
Show whitespace changes
Inline Side-by-side

Showing with 8 additions and 3 deletions

src/pkg/crypto/x509/x509.go src/pkg/crypto/x509/x509.go +8 -3

No files found.
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go
@@ -927,10 +927,15 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P
 		return
 	}
-	asn1Issuer, err := asn1.Marshal(parent.Subject.ToRDNSequence())
+	var asn1Issuer []byte
-	if err != nil {
+	if len(parent.RawSubject) > 0 {
+		asn1Issuer = parent.RawSubject
+	} else {
+		if asn1Issuer, err = asn1.Marshal(parent.Subject.ToRDNSequence()); err != nil {
 			return
 		}
+	}
 	asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence())
 	if err != nil {
 		return