536df07f72
parsing and printing to new syntax.
Use -oldparser to parse the old syntax,
use -oldprinter to print the old syntax.
2) Change default gofmt formatting settings
to use tabs for indentation only and to use
spaces for alignment. This will make the code
alignment insensitive to an editor's tabwidth.
Use -spaces=false to use tabs for alignment.
3) Manually changed src/exp/parser/parser_test.go
so that it doesn't try to parse the parser's
source files using the old syntax (they have
new syntax now).
4) gofmt -w src misc test/bench
1st set of files.
R=rsc
CC=agl, golang-dev, iant, ken2, r
https://golang.org/cl/180047
76 lines
1.9 KiB
Go
76 lines
1.9 KiB
Go
// Copyright 2009 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package tls
|
|
|
|
import (
|
|
"crypto/x509"
|
|
"encoding/pem"
|
|
)
|
|
|
|
// A CASet is a set of certificates.
|
|
type CASet struct {
|
|
bySubjectKeyId map[string]*x509.Certificate
|
|
byName map[string]*x509.Certificate
|
|
}
|
|
|
|
func NewCASet() *CASet {
|
|
return &CASet{
|
|
make(map[string]*x509.Certificate),
|
|
make(map[string]*x509.Certificate),
|
|
}
|
|
}
|
|
|
|
func nameToKey(name *x509.Name) string {
|
|
return name.Country + "/" + name.OrganizationalUnit + "/" + name.OrganizationalUnit + "/" + name.CommonName
|
|
}
|
|
|
|
// FindParent attempts to find the certificate in s which signs the given
|
|
// certificate. If no such certificate can be found, it returns nil.
|
|
func (s *CASet) FindParent(cert *x509.Certificate) (parent *x509.Certificate) {
|
|
var ok bool
|
|
|
|
if len(cert.AuthorityKeyId) > 0 {
|
|
parent, ok = s.bySubjectKeyId[string(cert.AuthorityKeyId)]
|
|
} else {
|
|
parent, ok = s.byName[nameToKey(&cert.Issuer)]
|
|
}
|
|
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return parent
|
|
}
|
|
|
|
// SetFromPEM attempts to parse a series of PEM encoded root certificates. It
|
|
// appends any certificates found to s and returns true if any certificates
|
|
// were successfully parsed. On many Linux systems, /etc/ssl/cert.pem will
|
|
// contains the system wide set of root CAs in a format suitable for this
|
|
// function.
|
|
func (s *CASet) SetFromPEM(pemCerts []byte) (ok bool) {
|
|
for len(pemCerts) > 0 {
|
|
var block *pem.Block
|
|
block, pemCerts = pem.Decode(pemCerts)
|
|
if block == nil {
|
|
break
|
|
}
|
|
if block.Type != "CERTIFICATE" || len(block.Headers) != 0 {
|
|
continue
|
|
}
|
|
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
if err != nil {
|
|
continue
|
|
}
|
|
|
|
if len(cert.SubjectKeyId) > 0 {
|
|
s.bySubjectKeyId[string(cert.SubjectKeyId)] = cert
|
|
}
|
|
s.byName[nameToKey(&cert.Subject)] = cert
|
|
ok = true
|
|
}
|
|
|
|
return
|
|
}
|