Alias x509 types

徐胖 2022-01-20 18:18:53 +08:00
parent b0a5a1c74a
commit 20dbdcd08f
4 changed files with 15 additions and 15 deletions


@ -208,11 +208,11 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
keyUsages := opts.KeyUsages keyUsages := opts.KeyUsages
if len(keyUsages) == 0 { if len(keyUsages) == 0 {
keyUsages = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth} keyUsages = []ExtKeyUsage{ExtKeyUsageServerAuth}
} }
oids := make([]*byte, 0, len(keyUsages)) oids := make([]*byte, 0, len(keyUsages))
for _, eku := range keyUsages { for _, eku := range keyUsages {
if eku == x509.ExtKeyUsageAny { if eku == ExtKeyUsageAny {
oids = nil oids = nil
break break
} }


@ -554,12 +554,12 @@ func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err e
keyUsages := opts.KeyUsages keyUsages := opts.KeyUsages
if len(keyUsages) == 0 { if len(keyUsages) == 0 {
keyUsages = []ExtKeyUsage{x509.ExtKeyUsageServerAuth} keyUsages = []ExtKeyUsage{ExtKeyUsageServerAuth}
} }
// If any key usage is acceptable then we're done. // If any key usage is acceptable then we're done.
for _, usage := range keyUsages { for _, usage := range keyUsages {
if usage == x509.ExtKeyUsageAny { if usage == ExtKeyUsageAny {
return candidateChains, nil return candidateChains, nil
} }
} }
@ -846,7 +846,7 @@ NextCert:
} }
for _, usage := range cert.ExtKeyUsage { for _, usage := range cert.ExtKeyUsage {
if usage == x509.ExtKeyUsageAny { if usage == ExtKeyUsageAny {
// The certificate is explicitly good for any usage. // The certificate is explicitly good for any usage.
continue NextCert continue NextCert
} }
@ -863,9 +863,9 @@ NextCert:
for _, usage := range cert.ExtKeyUsage { for _, usage := range cert.ExtKeyUsage {
if requestedUsage == usage { if requestedUsage == usage {
continue NextRequestedUsage continue NextRequestedUsage
} else if requestedUsage == x509.ExtKeyUsageServerAuth && } else if requestedUsage == ExtKeyUsageServerAuth &&
(usage == x509.ExtKeyUsageNetscapeServerGatedCrypto || (usage == ExtKeyUsageNetscapeServerGatedCrypto ||
usage == x509.ExtKeyUsageMicrosoftServerGatedCrypto) { usage == ExtKeyUsageMicrosoftServerGatedCrypto) {
// In order to support COMODO // In order to support COMODO
// certificate chains, we have to // certificate chains, we have to
// accept Netscape or Microsoft SGC // accept Netscape or Microsoft SGC
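Review bot: The `usage == ExtKeyUsageAny` comparisons in `Verify` and in the `NextCert` loop decide whether extended-key-usage checking is skipped, and they now depend on the unqualified name having the same type and value as `x509.ExtKeyUsageAny`, which nothing in these hunks documents. The declarations are outside the visible lines, but elsewhere on this page the unqualified type is used inside an `x509.Certificate` literal, which suggests a true alias rather than a separate defined type. A comment at the declaration, for example `// ExtKeyUsage and its constants alias crypto/x509, so values from either package compare equal.`, would guard against a later edit giving the local type its own constant block and silently changing which usages are accepted. The enclosing functions start and end outside these hunks.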


@ -26,7 +26,7 @@ type verifyTest struct {
dnsName string dnsName string
systemSkip bool systemSkip bool
systemLax bool systemLax bool
keyUsages []x509.ExtKeyUsage keyUsages []ExtKeyUsage
errorCallback func(*testing.T, error) errorCallback func(*testing.T, error)
expectedChains [][]string expectedChains [][]string
@ -135,7 +135,7 @@ var verifyTests = []verifyTest{
intermediates: []string{startComIntermediate}, intermediates: []string{startComIntermediate},
roots: []string{startComRoot}, roots: []string{startComRoot},
currentTime: 1302726541, currentTime: 1302726541,
keyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}, keyUsages: []ExtKeyUsage{ExtKeyUsageAny},
expectedChains: [][]string{ expectedChains: [][]string{
{"dnssec-exp", "StartCom Class 1", "StartCom Certification Authority"}, {"dnssec-exp", "StartCom Class 1", "StartCom Certification Authority"},
@ -184,7 +184,7 @@ var verifyTests = []verifyTest{
intermediates: []string{smimeIntermediate}, intermediates: []string{smimeIntermediate},
roots: []string{smimeRoot}, roots: []string{smimeRoot},
currentTime: 1594673418, currentTime: 1594673418,
keyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, keyUsages: []ExtKeyUsage{ExtKeyUsageServerAuth},
errorCallback: expectUsageError, errorCallback: expectUsageError,
}, },
@ -194,7 +194,7 @@ var verifyTests = []verifyTest{
intermediates: []string{smimeIntermediate}, intermediates: []string{smimeIntermediate},
roots: []string{smimeRoot}, roots: []string{smimeRoot},
currentTime: 1594673418, currentTime: 1594673418,
keyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageEmailProtection}, keyUsages: []ExtKeyUsage{ExtKeyUsageEmailProtection},
expectedChains: [][]string{ expectedChains: [][]string{
{"CORPORATIVO FICTICIO ACTIVO", "EAEko Herri Administrazioen CA - CA AAPP Vascas (2)", "IZENPE S.A."}, {"CORPORATIVO FICTICIO ACTIVO", "EAEko Herri Administrazioen CA - CA AAPP Vascas (2)", "IZENPE S.A."},
@ -1722,7 +1722,7 @@ func generateCert(cn string, isCA bool, issuer *x509.Certificate, issuerKey cryp
NotAfter: time.Now().Add(24 * time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
KeyUsage: KeyUsageKeyEncipherment | KeyUsageDigitalSignature | KeyUsageCertSign, KeyUsage: KeyUsageKeyEncipherment | KeyUsageDigitalSignature | KeyUsageCertSign,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, ExtKeyUsage: []ExtKeyUsage{ExtKeyUsageServerAuth},
BasicConstraintsValid: true, BasicConstraintsValid: true,
IsCA: isCA, IsCA: isCA,
} }


@ -463,7 +463,7 @@ func TestCreateSelfSignedCertificate(t *testing.T) {
{"SM2", &sm2Priv.PublicKey, sm2Priv, true, SM2WithSM3}, {"SM2", &sm2Priv.PublicKey, sm2Priv, true, SM2WithSM3},
} }
testExtKeyUsage := []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth} testExtKeyUsage := []ExtKeyUsage{ExtKeyUsageClientAuth, ExtKeyUsageServerAuth}
testUnknownExtKeyUsage := []asn1.ObjectIdentifier{[]int{1, 2, 3}, []int{2, 59, 1}} testUnknownExtKeyUsage := []asn1.ObjectIdentifier{[]int{1, 2, 3}, []int{2, 59, 1}}
extraExtensionData := []byte("extra extension") extraExtensionData := []byte("extra extension")
@ -1654,7 +1654,7 @@ func TestUnknownExtKey(t *testing.T) {
template := &x509.Certificate{ template := &x509.Certificate{
SerialNumber: big.NewInt(10), SerialNumber: big.NewInt(10),
DNSNames: []string{"foo"}, DNSNames: []string{"foo"},
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsage(-1)}, ExtKeyUsage: []ExtKeyUsage{ExtKeyUsage(-1)},
} }
signer, err := rsa.GenerateKey(rand.Reader, 1024) signer, err := rsa.GenerateKey(rand.Reader, 1024)
if err != nil { if err != nil {