Tandem/certspotter
2
0
Fork 0
mirror of https://github.com/SSLMate/certspotter.git synced 2025-07-03 10:47:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add function to reconstruct pre-cert TBS from cert TBS

Browse Source
This commit is contained in:
Andrew Ayer 2016-05-16 11:32:48 -07:00
parent ae59c317dc
commit 6db3f7564c
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
precerts.go
View File

@ -22,6 +22,7 @@ func bitStringEqual (a, b *asn1.BitString) bool {
var (
oidExtensionAuthorityKeyId = []int{2, 5, 29, 35}
oidExtensionSCT = []int{1, 3, 6, 1, 4, 1, 11129, 2, 4, 2}
oidExtensionCTPoison = []int{1, 3, 6, 1, 4, 1, 11129, 2, 4, 3}
)
func ValidatePrecert (precertBytes []byte, tbsBytes []byte) error {
@ -115,3 +116,27 @@ func ValidatePrecert (precertBytes []byte, tbsBytes []byte) error {
return nil
}
func ReconstructPrecertTBS (tbs *TBSCertificate) (*TBSCertificate, error) {
precertTBS := TBSCertificate{
Version: tbs.Version,
SerialNumber: tbs.SerialNumber,
SignatureAlgorithm: tbs.SignatureAlgorithm,
Issuer: tbs.Issuer,
Validity: tbs.Validity,
Subject: tbs.Subject,
PublicKey: tbs.PublicKey,
UniqueId: tbs.UniqueId,
SubjectUniqueId: tbs.SubjectUniqueId,
Extensions: make([]Extension, 0, len(tbs.Extensions)),
}
for _, ext := range tbs.Extensions {
if !ext.Id.Equal(oidExtensionSCT) {
precertTBS.Extensions = append(precertTBS.Extensions, ext)
}
}
var err error
precertTBS.Raw, err = asn1.Marshal(precertTBS)
return &precertTBS, err
}