ssl: bug fix: verify cert signature against original cert DER
Our Erlang/OTP program calls out to a third-party web service over HTTPS. That web server's certificate includes the `id-ce-keyUsage` extension with typical values for a web server: `digitalSignature` and `keyEncipherment`. However, the bit string representation for this value is encoded in a nonstandard way:
The `00` byte indicates zero unused bits in the bit-string. Standard encoding has `05` instead, since only bits 1 and 3 are set, leaving 5 trailing zero bits.
This certificate parses just fine in OTP, but because it does not include the necessary fields in its `id-ce-authorityKeyIdentifier` extension the issuer must be looked-up in the CertDB. Because OTP encodes the key usages according to standard as hex `030205A0`, the process of re-encoding the certificate when searching for the issuer in the CertDB causes signature verification to fail erroneously, causing our program's client to fail validation of the server's certificate with the alert `unknown_ca`.
My patch provided the original binary DER to the `pkix_verify` function used during the fold over the CertDB, avoiding false negatives due to differences
between DER encoding implementations of OTP and other platforms. PR submitted at https://github.com/erlang/otp/pull/958