Skip to content

repeated extension #70039

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dulanshuangqiao opened this issue Oct 25, 2024 · 3 comments
Closed

repeated extension #70039

dulanshuangqiao opened this issue Oct 25, 2024 · 3 comments

Comments

@dulanshuangqiao
Copy link

dulanshuangqiao commented Oct 25, 2024
edited
Loading

Go version

go version go1.18.1 linux/amd64

Output of go env in your module/workspace:

GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/liu/.cache/go-build"
GOENV="/home/liu/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/liu/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/liu/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/go-1.18"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/go-1.18/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.18.1"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3649475886=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I use x509.ParseCertificate(derBytes) to parse a der certificate which has two aki extensions
Test Cases.zip

What did you see happen?

The test case was parsed successfully

What did you expect to see?

This test case does not comply with the RFC5280 specification: 4.2 Introduction: "A certificate MUST NOT include more than one instance of a particular extension. For example, a certificate may contain only one authority key identifier extension (Section 4.2.1.1)." Is this a defect? ​​As a comparison, the Bouncycastle function X509CertificateHolder(derBytes) in the Java language throws an error: repeated extension found: 2.5.29.35
@gabyhelp
Copy link

Related Issues and Documentation

(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)

@seankhliao
Copy link
Member

Duplicate of #50988

@seankhliao seankhliao marked this as a duplicate of #50988 Oct 25, 2024
@seankhliao seankhliao closed this as not planned Won't fix, can't repro, duplicate, stale Oct 25, 2024
@gabyhelp gabyhelp mentioned this issue Oct 28, 2024
Closed
@gabyhelp gabyhelp mentioned this issue Nov 30, 2024
Open
@gabyhelp gabyhelp mentioned this issue Jan 31, 2025
Closed
@gabyhelp gabyhelp mentioned this issue Mar 25, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@seankhliao @dulanshuangqiao @gabyhelp and others