Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/x509/pkix: clarify docs for ExtraNames field in pkix.Name #33094

Closed
rittneje opened this issue Jul 13, 2019 · 3 comments
Closed

crypto/x509/pkix: clarify docs for ExtraNames field in pkix.Name #33094

rittneje opened this issue Jul 13, 2019 · 3 comments
Labels
Documentation FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Go1.15

Comments

@rittneje
Copy link

What version of Go are you using (go version)?

$ go version
go version go1.12.6 linux/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/jrittner/.cache/go-build"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/jrittner/go-workspace"
GOPROXY=""
GORACE=""
GOROOT="/home/jrittner/go"
GOTMPDIR=""
GOTOOLDIR="/home/jrittner/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build691331496=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I unmarshaled a pkix.Name containing a custom ExtraName, and printed it out.

https://play.golang.org/p/BUS-NDgjPLI

What did you expect to see?

1.2.3.4=#130673616d706c65,CN=foobar

What did you see instead?

CN=foobar
@dmitshur
Copy link
Contributor

/cc @FiloSottile

@dmitshur dmitshur added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Jul 15, 2019
@dmitshur dmitshur added this to the Go1.14 milestone Jul 15, 2019
@rsc rsc modified the milestones: Go1.14, Backlog Oct 9, 2019
@katiehockman katiehockman added NeedsFix The path to resolution is known, but the work has not been done. and removed NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Apr 10, 2020
@katiehockman katiehockman modified the milestones: Backlog, Go1.15 Apr 22, 2020
@katiehockman katiehockman changed the title crypto/x509/pkix: Name.String() excludes unmarshaled extra names crypto/x509/pkix: clarify docs for ExtraNames field in pkix.Name Apr 23, 2020
@katiehockman
Copy link
Contributor

I don't think this is a bug that requires a code fix. I do agree that the behavior could be clearer though, so changed this issue to a documentation improvement (which I'll send a PR for shortly).

This behaves very similarly to x509.Certificate.ExtraExtensions and I think those docs explain this behavior a bit better:

// Extensions contains raw X.509 extensions. When parsing certificates,
// this can be used to extract non-critical extensions that are not
// parsed by this package. When marshaling certificates, the Extensions
// field is ignored, see ExtraExtensions.
Extensions []pkix.Extension

// ExtraExtensions contains extensions to be copied, raw, into any
// marshaled certificates. Values override any extensions that would
// otherwise be produced based on the other fields. The ExtraExtensions
// field is not populated when parsing certificates, see Extensions.
ExtraExtensions []pkix.Extension

This is the important part of the pkix.Name docs that could be expanded:

When parsing, all elements are stored in Names and non-standard elements can be extracted from there. When marshaling, elements in ExtraNames are appended and override other values with the same OID.

So what's happening here is that ExtraNames will override any standard elements (like Locality or Country) with the same OID. But for OIDs which aren't standard (like the one in your example {1, 2, 3, 4}, the attribute is simply put into name.Names.
If you inspect pkix.Name.Names you'll see that data is still there, it's just that pkix.Name.String() doesn't print these non-standard fields.

@gopherbot
Copy link

Change https://golang.org/cl/229864 mentions this issue: crypto/x509/pkix: clarify docs for pkix.Name fields.

xujianhai666 pushed a commit to xujianhai666/go-1 that referenced this issue May 21, 2020
@katiehockman @xujianhai666
crypto/x509/pkix: improve docs and Name.String()
c3c8eb4 
Previously, non-standard attributes in Name.Names were being
omitted when printed using Name.String(). Now, any non-standard
attributes that would not already be printed in Name.String()
are being added temporarily to Name.ExtraNames to be printed.

Fixes golang#33094
Fixes golang#23069

Change-Id: Id9829c20968e16db7194549f69c0eb5985044944
Reviewed-on: https://go-review.googlesource.com/c/go/+/229864
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
@golang golang locked and limited conversation to collaborators Apr 29, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Documentation FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Go1.15
Development

No branches or pull requests
5 participants
@rsc @dmitshur @gopherbot @rittneje @katiehockman