Skip to content

Commit

Permalink
Improve the util.IsServerAuthCert() function (#856)
Browse files Browse the repository at this point in the history
* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update lint_invalid_subject_rdn_order_test.go

Added //nolint:all to comment block to avoid golangci-lint to complain about duplicate words in comment

* Update lint_invalid_subject_rdn_order.go

Fixed import block

* Update v3/lints/cabf_br/lint_invalid_subject_rdn_order.go

Fine to me.

Co-authored-by: Christopher Henderson <chris@chenderson.org>

* Update lint_invalid_subject_rdn_order.go

As per Chris Henderson's suggestion, to "improve readability".

* Update lint_invalid_subject_rdn_order_test.go

As per Chris Henderson's suggestion.

* Update time.go

Added CABFEV_Sec9_2_8_Date

* Add files via upload

* Add files via upload

* Revised according to Chris and Corey suggestions

* Add files via upload

* Add files via upload

* Delete v3/lints/cabf_br/lint_e_invalid_cps_uri.go

* Delete v3/lints/cabf_br/lint_e_invalid_cps_uri_test.go

* Delete v3/testdata/invalid_cps_uri_ko_01.pem

* Delete v3/testdata/invalid_cps_uri_ko_02.pem

* Delete v3/testdata/invalid_cps_uri_ko_03.pem

* Delete v3/testdata/invalid_cps_uri_ok_01.pem

* Delete v3/testdata/invalid_cps_uri_ok_02.pem

* Delete v3/testdata/invalid_cps_uri_ok_03.pem

* Update ca.go

* Update config.json

* Update config.json

---------

Co-authored-by: Christopher Henderson <chris@chenderson.org>
  • Loading branch information
defacto64 and christopher-henderson authored Jun 16, 2024
1 parent 5b73e7b commit e5da476
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
16 changes: 8 additions & 8 deletions v3/integration/config.json
Original file line number Diff line number Diff line change
Expand Up @@ -345,7 +345,7 @@
"ErrCount": 1
},
"e_ca_key_usage_missing": {
"ErrCount": 13
"ErrCount": 9
},
"e_ca_key_usage_not_critical": {
"ErrCount": 40
Expand Down Expand Up @@ -677,7 +677,7 @@
"ErrCount": 292
},
"e_sub_ca_certificate_policies_missing": {
"ErrCount": 59
"ErrCount": 50
},
"e_sub_ca_crl_distribution_points_does_not_contain_url": {
"ErrCount": 2
Expand Down Expand Up @@ -751,7 +751,7 @@
"ErrCount": 2
},
"e_subject_common_name_not_from_san": {
"ErrCount": 94979
"ErrCount": 94978
},
"e_subject_contains_noninformational_value": {
"ErrCount": 338
Expand Down Expand Up @@ -818,7 +818,7 @@
},
"e_cab_dv_subject_invalid_values": {},
"n_ca_digital_signature_not_set": {
"NoticeCount": 1411
"NoticeCount": 1405
},
"n_contains_redacted_dnsname": {
"NoticeCount": 464
Expand All @@ -845,10 +845,10 @@
"NoticeCount": 1415
},
"n_sub_ca_eku_not_technically_constrained": {
"NoticeCount": 12
"NoticeCount": 2
},
"n_subject_common_name_included": {
"NoticeCount": 712866
"NoticeCount": 712865
},
"w_ct_sct_policy_count_unsatisfied": {
"NoticeCount": 5003
Expand Down Expand Up @@ -925,14 +925,14 @@
"w_san_should_not_be_critical": {},
"w_smime_aia_contains_internal_names": {},
"w_sub_ca_aia_does_not_contain_issuing_ca_url": {
"WarnCount": 990
"WarnCount": 989
},
"w_sub_ca_aia_missing": {
"WarnCount": 4
},
"w_sub_ca_certificate_policies_marked_critical": {},
"w_sub_ca_eku_critical": {
"WarnCount": 9
"WarnCount": 0
},
"w_sub_ca_name_constraints_not_critical": {
"WarnCount": 116
Expand Down
2 changes: 1 addition & 1 deletion v3/util/ca.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ func IsDelegatedOCSPResponderCert(cert *x509.Certificate) bool {
}

func IsServerAuthCert(cert *x509.Certificate) bool {
if len(cert.ExtKeyUsage) == 0 {
if len(cert.ExtKeyUsage) == 0 && len(cert.UnknownExtKeyUsage) == 0 {
return true
}
for _, eku := range cert.ExtKeyUsage {
Expand Down

0 comments on commit e5da476

Please sign in to comment.