Add function to reconstruct pre-cert TBS from cert TBS

2016-05-16 11:32:48 -07:00 · 2016-05-16 11:32:48 -07:00 · 6db3f7564c
parent ae59c317dc
commit 6db3f7564c
1 changed files with 25 additions and 0 deletions
--- a/precerts.go
+++ b/precerts.go
@ -22,6 +22,7 @@ func bitStringEqual (a, b *asn1.BitString) bool {

 var (
 	oidExtensionAuthorityKeyId	= []int{2, 5, 29, 35}
+	oidExtensionSCT			= []int{1, 3, 6, 1, 4, 1, 11129, 2, 4, 2}
 	oidExtensionCTPoison		= []int{1, 3, 6, 1, 4, 1, 11129, 2, 4, 3}
 )
 func ValidatePrecert (precertBytes []byte, tbsBytes []byte) error {
@ -115,3 +116,27 @@ func ValidatePrecert (precertBytes []byte, tbsBytes []byte) error {

 	return nil
 }
+func ReconstructPrecertTBS (tbs *TBSCertificate) (*TBSCertificate, error) {
+	precertTBS := TBSCertificate{
+		Version:		tbs.Version,
+		SerialNumber:		tbs.SerialNumber,
+		SignatureAlgorithm:	tbs.SignatureAlgorithm,
+		Issuer:			tbs.Issuer,
+		Validity:		tbs.Validity,
+		Subject:		tbs.Subject,
+		PublicKey:		tbs.PublicKey,
+		UniqueId:		tbs.UniqueId,
+		SubjectUniqueId:	tbs.SubjectUniqueId,
+		Extensions:		make([]Extension, 0, len(tbs.Extensions)),
+	}
+
+	for _, ext := range tbs.Extensions {
+		if !ext.Id.Equal(oidExtensionSCT) {
+			precertTBS.Extensions = append(precertTBS.Extensions, ext)
+		}
+	}
+
+	var err error
+	precertTBS.Raw, err = asn1.Marshal(precertTBS)
+	return &precertTBS, err
+}