[ FAB-6299 ] Remove getDNFromCert() method

For go1.10, a pkix Name obejct now implements a String method that formats the X.509 distinguished name in the standard RFC 2253 format which obviates the getDNFromCert method. Change-Id: Ic0049ad4a7a013dfb38cce5d3ea6b5802c784bb4 Signed-off-by: Allen Bailey <[email protected]> Signed-off-by: Gari Singh <[email protected]>
hyperledger · May 25, 2018 · 37ba2c7 · 37ba2c7
1 parent a7a4075
commit 37ba2c7
Showing 1 changed file with 3 additions and 55 deletions.
diff --git a/lib/server.go b/lib/server.go
@@ -9,7 +9,6 @@ package lib
 import (
 	"crypto/tls"
 	"crypto/x509"
-	"crypto/x509/pkix"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -676,7 +675,7 @@ func (s *Server) compareDN(existingCACertFile, newCACertFile string) error {
 
 	err = existingDN.equal(newDN)
 	if err != nil {
-		return errors.Wrapf(err, "Please modify CSR in %s and try adding CA again", newCACertFile)
+		return errors.Wrapf(err, "a CA already exists with the following subject distinguished name: %s", newDN.subject)
 	}
 	return nil
 }
@@ -702,17 +701,9 @@ func (s *Server) loadDNFromCertFile(certFile string) (*DN, error) {
 	if err != nil {
 		return nil, err
 	}
-	issuerDN, err := s.getDNFromCert(cert.Issuer, "/")
-	if err != nil {
-		return nil, err
-	}
-	subjectDN, err := s.getDNFromCert(cert.Subject, "/")
-	if err != nil {
-		return nil, err
-	}
 	distinguishedName := &DN{
-		issuer:  issuerDN,
-		subject: subjectDN,
+		issuer:  cert.Issuer.String(),
+		subject: cert.Subject.String(),
 	}
 	return distinguishedName, nil
 }
@@ -768,46 +759,3 @@ func (dn *DN) equal(checkDN *DN) error {
 	}
 	return nil
 }
-
-func (s *Server) getDNFromCert(namespace pkix.Name, sep string) (string, error) {
-	subject := []string{}
-	for _, s := range namespace.ToRDNSequence() {
-		for _, i := range s {
-			if v, ok := i.Value.(string); ok {
-				if name, ok := oid[i.Type.String()]; ok {
-					// <oid name>=<value>
-					subject = append(subject, fmt.Sprintf("%s=%s", name, v))
-				} else {
-					// <oid>=<value> if no <oid name> is found
-					subject = append(subject, fmt.Sprintf("%s=%s", i.Type.String(), v))
-				}
-			} else {
-				// <oid>=<value in default format> if value is not string
-				subject = append(subject, fmt.Sprintf("%s=%v", i.Type.String(), v))
-			}
-		}
-	}
-	return sep + strings.Join(subject, sep), nil
-}
-
-var oid = map[string]string{
-	"2.5.4.3":                    "CN",
-	"2.5.4.4":                    "SN",
-	"2.5.4.5":                    "serialNumber",
-	"2.5.4.6":                    "C",
-	"2.5.4.7":                    "L",
-	"2.5.4.8":                    "ST",
-	"2.5.4.9":                    "streetAddress",
-	"2.5.4.10":                   "O",
-	"2.5.4.11":                   "OU",
-	"2.5.4.12":                   "title",
-	"2.5.4.17":                   "postalCode",
-	"2.5.4.42":                   "GN",
-	"2.5.4.43":                   "initials",
-	"2.5.4.44":                   "generationQualifier",
-	"2.5.4.46":                   "dnQualifier",
-	"2.5.4.65":                   "pseudonym",
-	"0.9.2342.19200300.100.1.25": "DC",
-	"1.2.840.113549.1.9.1":       "emailAddress",
-	"0.9.2342.19200300.100.1.1":  "userid",
-}