From d5363590597572228d4e0d0ae13f3469176ceb14 Mon Sep 17 00:00:00 2001 From: Ian Lance Taylor Date: Wed, 14 Dec 2011 15:41:54 +0000 Subject: libgo: Update to weekly.2011-12-06. From-SVN: r182338 --- libgo/go/crypto/aes/aes_test.go | 14 ++++++++++++++ libgo/go/crypto/aes/block.go | 16 ++++++++-------- libgo/go/crypto/hmac/hmac.go | 9 ++++----- libgo/go/crypto/md5/md5.go | 17 +++++++++-------- libgo/go/crypto/openpgp/s2k/s2k.go | 8 ++++++-- libgo/go/crypto/openpgp/write.go | 2 +- libgo/go/crypto/ripemd160/ripemd160.go | 17 +++++++++-------- libgo/go/crypto/rsa/rsa.go | 3 ++- libgo/go/crypto/sha1/sha1.go | 17 +++++++++-------- libgo/go/crypto/sha256/sha256.go | 20 ++++++++++++-------- libgo/go/crypto/sha512/sha512.go | 25 +++++++++++++++---------- libgo/go/crypto/tls/cipher_suites.go | 26 +++++++++++++------------- libgo/go/crypto/tls/conn.go | 9 +++++++-- libgo/go/crypto/tls/handshake_client.go | 8 ++++---- libgo/go/crypto/tls/handshake_server.go | 6 +++--- libgo/go/crypto/tls/handshake_server_test.go | 4 ++-- libgo/go/crypto/x509/x509.go | 11 ++++++++--- 17 files changed, 126 insertions(+), 86 deletions(-) (limited to 'libgo/go/crypto') diff --git a/libgo/go/crypto/aes/aes_test.go b/libgo/go/crypto/aes/aes_test.go index 2136d44..3505d33 100644 --- a/libgo/go/crypto/aes/aes_test.go +++ b/libgo/go/crypto/aes/aes_test.go @@ -348,3 +348,17 @@ func TestCipherDecrypt(t *testing.T) { } } } + +func BenchmarkEncrypt(b *testing.B) { + b.StopTimer() + tt := encryptTests[0] + c, err := NewCipher(tt.key) + if err != nil { + panic("NewCipher") + } + out := make([]byte, len(tt.in)) + b.StartTimer() + for i := 0; i < b.N; i++ { + c.Encrypt(out, tt.in) + } +} diff --git a/libgo/go/crypto/aes/block.go b/libgo/go/crypto/aes/block.go index 130cd01..37b0dd0 100644 --- a/libgo/go/crypto/aes/block.go +++ b/libgo/go/crypto/aes/block.go @@ -56,10 +56,10 @@ func encryptBlock(xk []uint32, dst, src []byte) { nr := len(xk)/4 - 2 // - 2: one above, one more below k := 4 for r := 0; r < nr; r++ { - t0 = xk[k+0] ^ te[0][s0>>24] ^ te[1][s1>>16&0xff] ^ te[2][s2>>8&0xff] ^ te[3][s3&0xff] - t1 = xk[k+1] ^ te[0][s1>>24] ^ te[1][s2>>16&0xff] ^ te[2][s3>>8&0xff] ^ te[3][s0&0xff] - t2 = xk[k+2] ^ te[0][s2>>24] ^ te[1][s3>>16&0xff] ^ te[2][s0>>8&0xff] ^ te[3][s1&0xff] - t3 = xk[k+3] ^ te[0][s3>>24] ^ te[1][s0>>16&0xff] ^ te[2][s1>>8&0xff] ^ te[3][s2&0xff] + t0 = xk[k+0] ^ te[0][uint8(s0>>24)] ^ te[1][uint8(s1>>16)] ^ te[2][uint8(s2>>8)] ^ te[3][uint8(s3)] + t1 = xk[k+1] ^ te[0][uint8(s1>>24)] ^ te[1][uint8(s2>>16)] ^ te[2][uint8(s3>>8)] ^ te[3][uint8(s0)] + t2 = xk[k+2] ^ te[0][uint8(s2>>24)] ^ te[1][uint8(s3>>16)] ^ te[2][uint8(s0>>8)] ^ te[3][uint8(s1)] + t3 = xk[k+3] ^ te[0][uint8(s3>>24)] ^ te[1][uint8(s0>>16)] ^ te[2][uint8(s1>>8)] ^ te[3][uint8(s2)] k += 4 s0, s1, s2, s3 = t0, t1, t2, t3 } @@ -101,10 +101,10 @@ func decryptBlock(xk []uint32, dst, src []byte) { nr := len(xk)/4 - 2 // - 2: one above, one more below k := 4 for r := 0; r < nr; r++ { - t0 = xk[k+0] ^ td[0][s0>>24] ^ td[1][s3>>16&0xff] ^ td[2][s2>>8&0xff] ^ td[3][s1&0xff] - t1 = xk[k+1] ^ td[0][s1>>24] ^ td[1][s0>>16&0xff] ^ td[2][s3>>8&0xff] ^ td[3][s2&0xff] - t2 = xk[k+2] ^ td[0][s2>>24] ^ td[1][s1>>16&0xff] ^ td[2][s0>>8&0xff] ^ td[3][s3&0xff] - t3 = xk[k+3] ^ td[0][s3>>24] ^ td[1][s2>>16&0xff] ^ td[2][s1>>8&0xff] ^ td[3][s0&0xff] + t0 = xk[k+0] ^ td[0][uint8(s0>>24)] ^ td[1][uint8(s3>>16)] ^ td[2][uint8(s2>>8)] ^ td[3][uint8(s1)] + t1 = xk[k+1] ^ td[0][uint8(s1>>24)] ^ td[1][uint8(s0>>16)] ^ td[2][uint8(s3>>8)] ^ td[3][uint8(s2)] + t2 = xk[k+2] ^ td[0][uint8(s2>>24)] ^ td[1][uint8(s1>>16)] ^ td[2][uint8(s0>>8)] ^ td[3][uint8(s3)] + t3 = xk[k+3] ^ td[0][uint8(s3>>24)] ^ td[1][uint8(s2>>16)] ^ td[2][uint8(s1>>8)] ^ td[3][uint8(s0)] k += 4 s0, s1, s2, s3 = t0, t1, t2, t3 } diff --git a/libgo/go/crypto/hmac/hmac.go b/libgo/go/crypto/hmac/hmac.go index deaceaf..6e7dd87 100644 --- a/libgo/go/crypto/hmac/hmac.go +++ b/libgo/go/crypto/hmac/hmac.go @@ -49,14 +49,13 @@ func (h *hmac) tmpPad(xor byte) { } func (h *hmac) Sum(in []byte) []byte { - sum := h.inner.Sum(nil) + origLen := len(in) + in = h.inner.Sum(in) h.tmpPad(0x5c) - for i, b := range sum { - h.tmp[padSize+i] = b - } + copy(h.tmp[padSize:], in[origLen:]) h.outer.Reset() h.outer.Write(h.tmp) - return h.outer.Sum(in) + return h.outer.Sum(in[:origLen]) } func (h *hmac) Write(p []byte) (n int, err error) { diff --git a/libgo/go/crypto/md5/md5.go b/libgo/go/crypto/md5/md5.go index 182cfb8..f4e7b09 100644 --- a/libgo/go/crypto/md5/md5.go +++ b/libgo/go/crypto/md5/md5.go @@ -79,8 +79,7 @@ func (d *digest) Write(p []byte) (nn int, err error) { func (d0 *digest) Sum(in []byte) []byte { // Make a copy of d0 so that caller can keep writing and summing. - d := new(digest) - *d = *d0 + d := *d0 // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. len := d.len @@ -103,11 +102,13 @@ func (d0 *digest) Sum(in []byte) []byte { panic("d.nx != 0") } - for _, s := range d.s { - in = append(in, byte(s>>0)) - in = append(in, byte(s>>8)) - in = append(in, byte(s>>16)) - in = append(in, byte(s>>24)) + var digest [Size]byte + for i, s := range d.s { + digest[i*4] = byte(s) + digest[i*4+1] = byte(s >> 8) + digest[i*4+2] = byte(s >> 16) + digest[i*4+3] = byte(s >> 24) } - return in + + return append(in, digest[:]...) } diff --git a/libgo/go/crypto/openpgp/s2k/s2k.go b/libgo/go/crypto/openpgp/s2k/s2k.go index 83673e1..8bc0bb3 100644 --- a/libgo/go/crypto/openpgp/s2k/s2k.go +++ b/libgo/go/crypto/openpgp/s2k/s2k.go @@ -26,6 +26,7 @@ var zero [1]byte // 4880, section 3.7.1.2) using the given hash, input passphrase and salt. func Salted(out []byte, h hash.Hash, in []byte, salt []byte) { done := 0 + var digest []byte for i := 0; done < len(out); i++ { h.Reset() @@ -34,7 +35,8 @@ func Salted(out []byte, h hash.Hash, in []byte, salt []byte) { } h.Write(salt) h.Write(in) - n := copy(out[done:], h.Sum(nil)) + digest = h.Sum(digest[:0]) + n := copy(out[done:], digest) done += n } } @@ -52,6 +54,7 @@ func Iterated(out []byte, h hash.Hash, in []byte, salt []byte, count int) { } done := 0 + var digest []byte for i := 0; done < len(out); i++ { h.Reset() for j := 0; j < i; j++ { @@ -68,7 +71,8 @@ func Iterated(out []byte, h hash.Hash, in []byte, salt []byte, count int) { written += len(combined) } } - n := copy(out[done:], h.Sum(nil)) + digest = h.Sum(digest[:0]) + n := copy(out[done:], digest) done += n } } diff --git a/libgo/go/crypto/openpgp/write.go b/libgo/go/crypto/openpgp/write.go index 60dae01..bdee57d 100644 --- a/libgo/go/crypto/openpgp/write.go +++ b/libgo/go/crypto/openpgp/write.go @@ -183,7 +183,7 @@ func Encrypt(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHint for i := range to { encryptKeys[i] = to[i].encryptionKey() if encryptKeys[i].PublicKey == nil { - return nil, error_.InvalidArgumentError("cannot encrypt a message to key id " + strconv.Uitob64(to[i].PrimaryKey.KeyId, 16) + " because it has no encryption keys") + return nil, error_.InvalidArgumentError("cannot encrypt a message to key id " + strconv.FormatUint(to[i].PrimaryKey.KeyId, 16) + " because it has no encryption keys") } sig := to[i].primaryIdentity().SelfSignature diff --git a/libgo/go/crypto/ripemd160/ripemd160.go b/libgo/go/crypto/ripemd160/ripemd160.go index c128ee4..cd2cc39 100644 --- a/libgo/go/crypto/ripemd160/ripemd160.go +++ b/libgo/go/crypto/ripemd160/ripemd160.go @@ -83,8 +83,7 @@ func (d *digest) Write(p []byte) (nn int, err error) { func (d0 *digest) Sum(in []byte) []byte { // Make a copy of d0 so that caller can keep writing and summing. - d := new(digest) - *d = *d0 + d := *d0 // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. tc := d.tc @@ -107,11 +106,13 @@ func (d0 *digest) Sum(in []byte) []byte { panic("d.nx != 0") } - for _, s := range d.s { - in = append(in, byte(s)) - in = append(in, byte(s>>8)) - in = append(in, byte(s>>16)) - in = append(in, byte(s>>24)) + var digest [Size]byte + for i, s := range d.s { + digest[i*4] = byte(s) + digest[i*4+1] = byte(s >> 8) + digest[i*4+2] = byte(s >> 16) + digest[i*4+3] = byte(s >> 24) } - return in + + return append(in, digest[:]...) } diff --git a/libgo/go/crypto/rsa/rsa.go b/libgo/go/crypto/rsa/rsa.go index f74525c..c07e8f9 100644 --- a/libgo/go/crypto/rsa/rsa.go +++ b/libgo/go/crypto/rsa/rsa.go @@ -189,12 +189,13 @@ func incCounter(c *[4]byte) { // specified in PKCS#1 v2.1. func mgf1XOR(out []byte, hash hash.Hash, seed []byte) { var counter [4]byte + var digest []byte done := 0 for done < len(out) { hash.Write(seed) hash.Write(counter[0:4]) - digest := hash.Sum(nil) + digest = hash.Sum(digest[:0]) hash.Reset() for i := 0; i < len(digest) && done < len(out); i++ { diff --git a/libgo/go/crypto/sha1/sha1.go b/libgo/go/crypto/sha1/sha1.go index f41cdb5..7bb68bb 100644 --- a/libgo/go/crypto/sha1/sha1.go +++ b/libgo/go/crypto/sha1/sha1.go @@ -81,8 +81,7 @@ func (d *digest) Write(p []byte) (nn int, err error) { func (d0 *digest) Sum(in []byte) []byte { // Make a copy of d0 so that caller can keep writing and summing. - d := new(digest) - *d = *d0 + d := *d0 // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. len := d.len @@ -105,11 +104,13 @@ func (d0 *digest) Sum(in []byte) []byte { panic("d.nx != 0") } - for _, s := range d.h { - in = append(in, byte(s>>24)) - in = append(in, byte(s>>16)) - in = append(in, byte(s>>8)) - in = append(in, byte(s)) + var digest [Size]byte + for i, s := range d.h { + digest[i*4] = byte(s >> 24) + digest[i*4+1] = byte(s >> 16) + digest[i*4+2] = byte(s >> 8) + digest[i*4+3] = byte(s) } - return in + + return append(in, digest[:]...) } diff --git a/libgo/go/crypto/sha256/sha256.go b/libgo/go/crypto/sha256/sha256.go index 34861f6..4525541 100644 --- a/libgo/go/crypto/sha256/sha256.go +++ b/libgo/go/crypto/sha256/sha256.go @@ -125,8 +125,7 @@ func (d *digest) Write(p []byte) (nn int, err error) { func (d0 *digest) Sum(in []byte) []byte { // Make a copy of d0 so that caller can keep writing and summing. - d := new(digest) - *d = *d0 + d := *d0 // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64. len := d.len @@ -150,14 +149,19 @@ func (d0 *digest) Sum(in []byte) []byte { } h := d.h[:] + size := Size if d.is224 { h = d.h[:7] + size = Size224 } - for _, s := range h { - in = append(in, byte(s>>24)) - in = append(in, byte(s>>16)) - in = append(in, byte(s>>8)) - in = append(in, byte(s)) + + var digest [Size]byte + for i, s := range h { + digest[i*4] = byte(s >> 24) + digest[i*4+1] = byte(s >> 16) + digest[i*4+2] = byte(s >> 8) + digest[i*4+3] = byte(s) } - return in + + return append(in, digest[:size]...) } diff --git a/libgo/go/crypto/sha512/sha512.go b/libgo/go/crypto/sha512/sha512.go index 3cf65cb..927f28a 100644 --- a/libgo/go/crypto/sha512/sha512.go +++ b/libgo/go/crypto/sha512/sha512.go @@ -150,18 +150,23 @@ func (d0 *digest) Sum(in []byte) []byte { } h := d.h[:] + size := Size if d.is384 { h = d.h[:6] + size = Size384 } - for _, s := range h { - in = append(in, byte(s>>56)) - in = append(in, byte(s>>48)) - in = append(in, byte(s>>40)) - in = append(in, byte(s>>32)) - in = append(in, byte(s>>24)) - in = append(in, byte(s>>16)) - in = append(in, byte(s>>8)) - in = append(in, byte(s)) + + var digest [Size]byte + for i, s := range h { + digest[i*8] = byte(s >> 56) + digest[i*8+1] = byte(s >> 48) + digest[i*8+2] = byte(s >> 40) + digest[i*8+3] = byte(s >> 32) + digest[i*8+4] = byte(s >> 24) + digest[i*8+5] = byte(s >> 16) + digest[i*8+6] = byte(s >> 8) + digest[i*8+7] = byte(s) } - return in + + return append(in, digest[:size]...) } diff --git a/libgo/go/crypto/tls/cipher_suites.go b/libgo/go/crypto/tls/cipher_suites.go index c0e8656..914491d 100644 --- a/libgo/go/crypto/tls/cipher_suites.go +++ b/libgo/go/crypto/tls/cipher_suites.go @@ -52,12 +52,12 @@ type cipherSuite struct { } var cipherSuites = []*cipherSuite{ - &cipherSuite{TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, false, cipherRC4, macSHA1}, - &cipherSuite{TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, false, cipher3DES, macSHA1}, - &cipherSuite{TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, false, cipherAES, macSHA1}, - &cipherSuite{TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, true, cipherRC4, macSHA1}, - &cipherSuite{TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, true, cipher3DES, macSHA1}, - &cipherSuite{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, true, cipherAES, macSHA1}, + {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, false, cipherRC4, macSHA1}, + {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, false, cipher3DES, macSHA1}, + {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, false, cipherAES, macSHA1}, + {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, true, cipherRC4, macSHA1}, + {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, true, cipher3DES, macSHA1}, + {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, true, cipherAES, macSHA1}, } func cipherRC4(key, iv []byte, isRead bool) interface{} { @@ -96,7 +96,7 @@ func macSHA1(version uint16, key []byte) macFunction { type macFunction interface { Size() int - MAC(seq, data []byte) []byte + MAC(digestBuf, seq, data []byte) []byte } // ssl30MAC implements the SSLv3 MAC function, as defined in @@ -114,7 +114,7 @@ var ssl30Pad1 = [48]byte{0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0 var ssl30Pad2 = [48]byte{0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c} -func (s ssl30MAC) MAC(seq, record []byte) []byte { +func (s ssl30MAC) MAC(digestBuf, seq, record []byte) []byte { padLength := 48 if s.h.Size() == 20 { padLength = 40 @@ -127,13 +127,13 @@ func (s ssl30MAC) MAC(seq, record []byte) []byte { s.h.Write(record[:1]) s.h.Write(record[3:5]) s.h.Write(record[recordHeaderLen:]) - digest := s.h.Sum(nil) + digestBuf = s.h.Sum(digestBuf[:0]) s.h.Reset() s.h.Write(s.key) s.h.Write(ssl30Pad2[:padLength]) - s.h.Write(digest) - return s.h.Sum(nil) + s.h.Write(digestBuf) + return s.h.Sum(digestBuf[:0]) } // tls10MAC implements the TLS 1.0 MAC function. RFC 2246, section 6.2.3. @@ -145,11 +145,11 @@ func (s tls10MAC) Size() int { return s.h.Size() } -func (s tls10MAC) MAC(seq, record []byte) []byte { +func (s tls10MAC) MAC(digestBuf, seq, record []byte) []byte { s.h.Reset() s.h.Write(seq) s.h.Write(record) - return s.h.Sum(nil) + return s.h.Sum(digestBuf[:0]) } func rsaKA() keyAgreement { diff --git a/libgo/go/crypto/tls/conn.go b/libgo/go/crypto/tls/conn.go index b8fa273..6a03fa8 100644 --- a/libgo/go/crypto/tls/conn.go +++ b/libgo/go/crypto/tls/conn.go @@ -118,6 +118,9 @@ type halfConn struct { nextCipher interface{} // next encryption state nextMac macFunction // next MAC algorithm + + // used to save allocating a new buffer for each MAC. + inDigestBuf, outDigestBuf []byte } // prepareCipherSpec sets the encryption and MAC states @@ -280,12 +283,13 @@ func (hc *halfConn) decrypt(b *block) (bool, alert) { b.data[4] = byte(n) b.resize(recordHeaderLen + n) remoteMAC := payload[n:] - localMAC := hc.mac.MAC(hc.seq[0:], b.data) + localMAC := hc.mac.MAC(hc.inDigestBuf, hc.seq[0:], b.data) hc.incSeq() if subtle.ConstantTimeCompare(localMAC, remoteMAC) != 1 || paddingGood != 255 { return false, alertBadRecordMAC } + hc.inDigestBuf = localMAC } return true, 0 @@ -312,12 +316,13 @@ func padToBlockSize(payload []byte, blockSize int) (prefix, finalBlock []byte) { func (hc *halfConn) encrypt(b *block) (bool, alert) { // mac if hc.mac != nil { - mac := hc.mac.MAC(hc.seq[0:], b.data) + mac := hc.mac.MAC(hc.outDigestBuf, hc.seq[0:], b.data) hc.incSeq() n := len(b.data) b.resize(n + len(mac)) copy(b.data[n:], mac) + hc.outDigestBuf = mac } payload := b.data[recordHeaderLen:] diff --git a/libgo/go/crypto/tls/handshake_client.go b/libgo/go/crypto/tls/handshake_client.go index b4337f2..e39e59c 100644 --- a/libgo/go/crypto/tls/handshake_client.go +++ b/libgo/go/crypto/tls/handshake_client.go @@ -231,10 +231,10 @@ func (c *Conn) clientHandshake() error { if cert != nil { certVerify := new(certificateVerifyMsg) - var digest [36]byte - copy(digest[0:16], finishedHash.serverMD5.Sum(nil)) - copy(digest[16:36], finishedHash.serverSHA1.Sum(nil)) - signed, err := rsa.SignPKCS1v15(c.config.rand(), c.config.Certificates[0].PrivateKey, crypto.MD5SHA1, digest[0:]) + digest := make([]byte, 0, 36) + digest = finishedHash.serverMD5.Sum(digest) + digest = finishedHash.serverSHA1.Sum(digest) + signed, err := rsa.SignPKCS1v15(c.config.rand(), c.config.Certificates[0].PrivateKey, crypto.MD5SHA1, digest) if err != nil { return c.sendAlert(alertInternalError) } diff --git a/libgo/go/crypto/tls/handshake_server.go b/libgo/go/crypto/tls/handshake_server.go index bbb23c0..89c000d 100644 --- a/libgo/go/crypto/tls/handshake_server.go +++ b/libgo/go/crypto/tls/handshake_server.go @@ -234,9 +234,9 @@ FindCipherSuite: return c.sendAlert(alertUnexpectedMessage) } - digest := make([]byte, 36) - copy(digest[0:16], finishedHash.serverMD5.Sum(nil)) - copy(digest[16:36], finishedHash.serverSHA1.Sum(nil)) + digest := make([]byte, 0, 36) + digest = finishedHash.serverMD5.Sum(digest) + digest = finishedHash.serverSHA1.Sum(digest) err = rsa.VerifyPKCS1v15(pub, crypto.MD5SHA1, digest, certVerify.signature) if err != nil { c.sendAlert(alertBadCertificate) diff --git a/libgo/go/crypto/tls/handshake_server_test.go b/libgo/go/crypto/tls/handshake_server_test.go index e00c32c..d98e13d 100644 --- a/libgo/go/crypto/tls/handshake_server_test.go +++ b/libgo/go/crypto/tls/handshake_server_test.go @@ -159,7 +159,7 @@ func TestHandshakeServerSSLv3(t *testing.T) { var serve = flag.Bool("serve", false, "run a TLS server on :10443") var testCipherSuites = flag.String("ciphersuites", - "0x"+strconv.Itob(int(TLS_RSA_WITH_RC4_128_SHA), 16), + "0x"+strconv.FormatInt(int64(TLS_RSA_WITH_RC4_128_SHA), 16), "cipher suites to accept in serving mode") func TestRunServer(t *testing.T) { @@ -170,7 +170,7 @@ func TestRunServer(t *testing.T) { suites := strings.Split(*testCipherSuites, ",") testConfig.CipherSuites = make([]uint16, len(suites)) for i := range suites { - suite, err := strconv.Btoui64(suites[i], 0) + suite, err := strconv.ParseUint(suites[i], 0, 64) if err != nil { panic(err) } diff --git a/libgo/go/crypto/x509/x509.go b/libgo/go/crypto/x509/x509.go index 7e6b5c9..65ca315 100644 --- a/libgo/go/crypto/x509/x509.go +++ b/libgo/go/crypto/x509/x509.go @@ -927,10 +927,15 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.P return } - asn1Issuer, err := asn1.Marshal(parent.Subject.ToRDNSequence()) - if err != nil { - return + var asn1Issuer []byte + if len(parent.RawSubject) > 0 { + asn1Issuer = parent.RawSubject + } else { + if asn1Issuer, err = asn1.Marshal(parent.Subject.ToRDNSequence()); err != nil { + return + } } + asn1Subject, err := asn1.Marshal(template.Subject.ToRDNSequence()) if err != nil { return -- cgit v1.1