diff options
| author | Ian Lance Taylor <ian@gcc.gnu.org> | 2019-02-26 01:00:39 +0000 |
|---|---|---|
| committer | Ian Lance Taylor <ian@gcc.gnu.org> | 2019-02-26 01:00:39 +0000 |
| commit | 99e20ba51d5b0785c7e98244d2901853d9fb3b41 (patch) | |
| tree | d86fa5d601b8bc3629b3820df4d5e7042853453f /libgo/go/crypto/x509/x509.go | |
| parent | e5e9b91bc61da0bdb58c6577c319e61a3ed04b17 (diff) | |
| download | gcc-99e20ba51d5b0785c7e98244d2901853d9fb3b41.zip gcc-99e20ba51d5b0785c7e98244d2901853d9fb3b41.tar.gz gcc-99e20ba51d5b0785c7e98244d2901853d9fb3b41.tar.bz2 | |
libgo: update to Go1.12rc1
Reviewed-on: https://go-review.googlesource.com/c/162881
From-SVN: r269202
Diffstat (limited to 'libgo/go/crypto/x509/x509.go')
| -rw-r--r-- | libgo/go/crypto/x509/x509.go | 38 |
1 files changed, 21 insertions, 17 deletions
diff --git a/libgo/go/crypto/x509/x509.go b/libgo/go/crypto/x509/x509.go index 08681a6..58098ad 100644 --- a/libgo/go/crypto/x509/x509.go +++ b/libgo/go/crypto/x509/x509.go @@ -2272,21 +2272,25 @@ type CertificateRequest struct { Subject pkix.Name - // Attributes is the dried husk of a bug and shouldn't be used. + // Attributes contains the CSR attributes that can parse as + // pkix.AttributeTypeAndValueSET. + // + // Deprecated: use Extensions and ExtraExtensions instead for parsing and + // generating the requestedExtensions attribute. Attributes []pkix.AttributeTypeAndValueSET - // Extensions contains raw X.509 extensions. When parsing CSRs, this - // can be used to extract extensions that are not parsed by this + // Extensions contains all requested extensions, in raw form. When parsing + // CSRs, this can be used to extract extensions that are not parsed by this // package. Extensions []pkix.Extension - // ExtraExtensions contains extensions to be copied, raw, into any - // marshaled CSR. Values override any extensions that would otherwise - // be produced based on the other fields but are overridden by any - // extensions specified in Attributes. + // ExtraExtensions contains extensions to be copied, raw, into any CSR + // marshaled by CreateCertificateRequest. Values override any extensions + // that would otherwise be produced based on the other fields but are + // overridden by any extensions specified in Attributes. // - // The ExtraExtensions field is not populated when parsing CSRs, see - // Extensions. + // The ExtraExtensions field is not populated by ParseCertificateRequest, + // see Extensions instead. ExtraExtensions []pkix.Extension // Subject Alternate Name values. @@ -2385,21 +2389,21 @@ func parseCSRExtensions(rawAttributes []asn1.RawValue) ([]pkix.Extension, error) // CreateCertificateRequest creates a new certificate request based on a // template. The following members of template are used: // -// - Attributes +// - SignatureAlgorithm +// - Subject // - DNSNames // - EmailAddresses -// - ExtraExtensions // - IPAddresses // - URIs -// - SignatureAlgorithm -// - Subject +// - ExtraExtensions +// - Attributes (deprecated) // -// The private key is the private key of the signer. +// priv is the private key to sign the CSR with, and the corresponding public +// key will be included in the CSR. It must implement crypto.Signer and its +// Public() method must return a *rsa.PublicKey or a *ecdsa.PublicKey. (A +// *rsa.PrivateKey or *ecdsa.PrivateKey satisfies this.) // // The returned slice is the certificate request in DER encoding. -// -// All keys types that are implemented via crypto.Signer are supported (This -// includes *rsa.PublicKey and *ecdsa.PublicKey.) func CreateCertificateRequest(rand io.Reader, template *CertificateRequest, priv interface{}) (csr []byte, err error) { key, ok := priv.(crypto.Signer) if !ok { |