Documentation ¶
Index ¶
- Variables
- func ReadCertificate(inPath string) *x509.Certificate
- func RegisterLint(l *Lint)
- type CertContainsUniqueIdentifier
- type CertExtensionsVersonNot3
- type CertPolicyIVRequiresCountry
- type CertPolicyIVRequiresProvinceOrLocal
- type CertPolicyOVRequiresCountry
- type CertPolicyOVRequiresProvinceOrLocal
- type CertPolicyRequiresOrg
- type CertPolicyRequiresPersonalName
- type DNSNameEmptyLabel
- type DNSNameHyphenInSLD
- type DNSNameLabelLengthTooLong
- type DNSNameLeftLabelWildcardCheck
- type DNSNameProperCharacters
- type DNSNameRedacted
- type DNSNameUnderscoreInSLD
- type DNSNameUnderscoreInTRD
- type DNSNameValidTLD
- type DNSNameWildcardLeftofPublicSuffix
- type DNSNameWildcardOnlyInLeftlabel
- type ExtAiaMarkedCritical
- type ExtCertPolicyDuplicate
- type ExtCertPolicyExplicitTextNotNFC
- type ExtCrlDistributionMarkedCritical
- type ExtDuplicateExtension
- type ExtFreshestCrlMarkedCritical
- type ExtIANCritical
- type ExtSANCriticalWithSubjectDN
- type IANDNSNotIA5String
- type IANDNSNull
- type IANDNSPeriod
- type IANEmail
- type IANEmptyName
- type IANNoEntry
- type IANPubSuffix
- type IANSpace
- type IANURIFQDNOrIP
- type IANURIFormat
- type IANURIIA5String
- type IDNMalformedUnicode
- type IDNNotNFC
- type InhibitAnyPolicyNotCritical
- type InvalidCertificateVersion
- type IssuerDNCountryNotPrintableString
- type IssuerDNLeadingSpace
- type IssuerDNTrailingSpace
- type IssuerRDNHasMultipleAttribute
- type Lint
- type LintInterface
- type LintResult
- type LintSource
- type LintStatus
- type SANDNSNotIA5String
- type SANDNSNull
- type SANDNSPeriod
- type SANDNSTooLong
- type SANDirName
- type SANEDI
- type SANEmptyName
- type SANIsSpaceDNS
- type SANMissing
- type SANNoEntry
- type SANOtherName
- type SANRegId
- type SANReservedIP
- type SANRfc822
- type SANURI
- type SANURIHost
- type SANWildCardFirst
- type SerialNumberNotPositive
- type SubCANameConstraintsNotCritical
- type SubjectDNCountryNotPrintableString
- type SubjectDNLeadingSpace
- type SubjectDNSerialNumberMaxLength
- type SubjectDNSerialNumberNotPrintableString
- type SubjectDNTrailingSpace
- type SubjectRDNHasMultipleAttribute
Constants ¶
This section is empty.
Variables ¶
var ( // Lints is a map of all known lints by name. Add a Lint to the map by calling // RegisterLint. Lints = make(map[string]*Lint) )
Functions ¶
func ReadCertificate ¶
func ReadCertificate(inPath string) *x509.Certificate
func RegisterLint ¶
func RegisterLint(l *Lint)
RegisterLint must be called once for each lint to be excuted. Duplicate lint names are squashed. Normally, RegisterLint is called during init().
Types ¶
type CertContainsUniqueIdentifier ¶
type CertContainsUniqueIdentifier struct{}
func (*CertContainsUniqueIdentifier) CheckApplies ¶
func (l *CertContainsUniqueIdentifier) CheckApplies(cert *x509.Certificate) bool
func (*CertContainsUniqueIdentifier) Execute ¶
func (l *CertContainsUniqueIdentifier) Execute(cert *x509.Certificate) *LintResult
func (*CertContainsUniqueIdentifier) Initialize ¶
func (l *CertContainsUniqueIdentifier) Initialize() error
type CertExtensionsVersonNot3 ¶
type CertExtensionsVersonNot3 struct{}
func (*CertExtensionsVersonNot3) CheckApplies ¶
func (l *CertExtensionsVersonNot3) CheckApplies(cert *x509.Certificate) bool
func (*CertExtensionsVersonNot3) Execute ¶
func (l *CertExtensionsVersonNot3) Execute(cert *x509.Certificate) *LintResult
func (*CertExtensionsVersonNot3) Initialize ¶
func (l *CertExtensionsVersonNot3) Initialize() error
type CertPolicyIVRequiresCountry ¶
type CertPolicyIVRequiresCountry struct{}
func (*CertPolicyIVRequiresCountry) CheckApplies ¶
func (l *CertPolicyIVRequiresCountry) CheckApplies(cert *x509.Certificate) bool
func (*CertPolicyIVRequiresCountry) Execute ¶
func (l *CertPolicyIVRequiresCountry) Execute(cert *x509.Certificate) *LintResult
func (*CertPolicyIVRequiresCountry) Initialize ¶
func (l *CertPolicyIVRequiresCountry) Initialize() error
type CertPolicyIVRequiresProvinceOrLocal ¶
type CertPolicyIVRequiresProvinceOrLocal struct{}
func (*CertPolicyIVRequiresProvinceOrLocal) CheckApplies ¶
func (l *CertPolicyIVRequiresProvinceOrLocal) CheckApplies(cert *x509.Certificate) bool
func (*CertPolicyIVRequiresProvinceOrLocal) Execute ¶
func (l *CertPolicyIVRequiresProvinceOrLocal) Execute(cert *x509.Certificate) *LintResult
func (*CertPolicyIVRequiresProvinceOrLocal) Initialize ¶
func (l *CertPolicyIVRequiresProvinceOrLocal) Initialize() error
type CertPolicyOVRequiresCountry ¶
type CertPolicyOVRequiresCountry struct{}
func (*CertPolicyOVRequiresCountry) CheckApplies ¶
func (l *CertPolicyOVRequiresCountry) CheckApplies(cert *x509.Certificate) bool
func (*CertPolicyOVRequiresCountry) Execute ¶
func (l *CertPolicyOVRequiresCountry) Execute(cert *x509.Certificate) *LintResult
func (*CertPolicyOVRequiresCountry) Initialize ¶
func (l *CertPolicyOVRequiresCountry) Initialize() error
type CertPolicyOVRequiresProvinceOrLocal ¶
type CertPolicyOVRequiresProvinceOrLocal struct{}
func (*CertPolicyOVRequiresProvinceOrLocal) CheckApplies ¶
func (l *CertPolicyOVRequiresProvinceOrLocal) CheckApplies(cert *x509.Certificate) bool
func (*CertPolicyOVRequiresProvinceOrLocal) Execute ¶
func (l *CertPolicyOVRequiresProvinceOrLocal) Execute(cert *x509.Certificate) *LintResult
func (*CertPolicyOVRequiresProvinceOrLocal) Initialize ¶
func (l *CertPolicyOVRequiresProvinceOrLocal) Initialize() error
type CertPolicyRequiresOrg ¶
type CertPolicyRequiresOrg struct{}
func (*CertPolicyRequiresOrg) CheckApplies ¶
func (l *CertPolicyRequiresOrg) CheckApplies(cert *x509.Certificate) bool
func (*CertPolicyRequiresOrg) Execute ¶
func (l *CertPolicyRequiresOrg) Execute(cert *x509.Certificate) *LintResult
func (*CertPolicyRequiresOrg) Initialize ¶
func (l *CertPolicyRequiresOrg) Initialize() error
type CertPolicyRequiresPersonalName ¶
type CertPolicyRequiresPersonalName struct{}
func (*CertPolicyRequiresPersonalName) CheckApplies ¶
func (l *CertPolicyRequiresPersonalName) CheckApplies(cert *x509.Certificate) bool
func (*CertPolicyRequiresPersonalName) Execute ¶
func (l *CertPolicyRequiresPersonalName) Execute(cert *x509.Certificate) *LintResult
func (*CertPolicyRequiresPersonalName) Initialize ¶
func (l *CertPolicyRequiresPersonalName) Initialize() error
type DNSNameEmptyLabel ¶
type DNSNameEmptyLabel struct{}
func (*DNSNameEmptyLabel) CheckApplies ¶
func (l *DNSNameEmptyLabel) CheckApplies(c *x509.Certificate) bool
func (*DNSNameEmptyLabel) Execute ¶
func (l *DNSNameEmptyLabel) Execute(c *x509.Certificate) *LintResult
func (*DNSNameEmptyLabel) Initialize ¶
func (l *DNSNameEmptyLabel) Initialize() error
type DNSNameHyphenInSLD ¶
type DNSNameHyphenInSLD struct{}
func (*DNSNameHyphenInSLD) CheckApplies ¶
func (l *DNSNameHyphenInSLD) CheckApplies(c *x509.Certificate) bool
func (*DNSNameHyphenInSLD) Execute ¶
func (l *DNSNameHyphenInSLD) Execute(c *x509.Certificate) *LintResult
func (*DNSNameHyphenInSLD) Initialize ¶
func (l *DNSNameHyphenInSLD) Initialize() error
type DNSNameLabelLengthTooLong ¶
type DNSNameLabelLengthTooLong struct{}
func (*DNSNameLabelLengthTooLong) CheckApplies ¶
func (l *DNSNameLabelLengthTooLong) CheckApplies(c *x509.Certificate) bool
func (*DNSNameLabelLengthTooLong) Execute ¶
func (l *DNSNameLabelLengthTooLong) Execute(c *x509.Certificate) *LintResult
func (*DNSNameLabelLengthTooLong) Initialize ¶
func (l *DNSNameLabelLengthTooLong) Initialize() error
type DNSNameLeftLabelWildcardCheck ¶
type DNSNameLeftLabelWildcardCheck struct{}
func (*DNSNameLeftLabelWildcardCheck) CheckApplies ¶
func (l *DNSNameLeftLabelWildcardCheck) CheckApplies(c *x509.Certificate) bool
func (*DNSNameLeftLabelWildcardCheck) Execute ¶
func (l *DNSNameLeftLabelWildcardCheck) Execute(c *x509.Certificate) *LintResult
func (*DNSNameLeftLabelWildcardCheck) Initialize ¶
func (l *DNSNameLeftLabelWildcardCheck) Initialize() error
type DNSNameProperCharacters ¶
func (*DNSNameProperCharacters) CheckApplies ¶
func (l *DNSNameProperCharacters) CheckApplies(c *x509.Certificate) bool
func (*DNSNameProperCharacters) Execute ¶
func (l *DNSNameProperCharacters) Execute(c *x509.Certificate) *LintResult
func (*DNSNameProperCharacters) Initialize ¶
func (l *DNSNameProperCharacters) Initialize() error
type DNSNameRedacted ¶
type DNSNameRedacted struct{}
func (*DNSNameRedacted) CheckApplies ¶
func (l *DNSNameRedacted) CheckApplies(c *x509.Certificate) bool
func (*DNSNameRedacted) Execute ¶
func (l *DNSNameRedacted) Execute(c *x509.Certificate) *LintResult
func (*DNSNameRedacted) Initialize ¶
func (l *DNSNameRedacted) Initialize() error
type DNSNameUnderscoreInSLD ¶
type DNSNameUnderscoreInSLD struct{}
func (*DNSNameUnderscoreInSLD) CheckApplies ¶
func (l *DNSNameUnderscoreInSLD) CheckApplies(c *x509.Certificate) bool
func (*DNSNameUnderscoreInSLD) Execute ¶
func (l *DNSNameUnderscoreInSLD) Execute(c *x509.Certificate) *LintResult
func (*DNSNameUnderscoreInSLD) Initialize ¶
func (l *DNSNameUnderscoreInSLD) Initialize() error
type DNSNameUnderscoreInTRD ¶
type DNSNameUnderscoreInTRD struct{}
func (*DNSNameUnderscoreInTRD) CheckApplies ¶
func (l *DNSNameUnderscoreInTRD) CheckApplies(c *x509.Certificate) bool
func (*DNSNameUnderscoreInTRD) Execute ¶
func (l *DNSNameUnderscoreInTRD) Execute(c *x509.Certificate) *LintResult
func (*DNSNameUnderscoreInTRD) Initialize ¶
func (l *DNSNameUnderscoreInTRD) Initialize() error
type DNSNameValidTLD ¶
type DNSNameValidTLD struct{}
func (*DNSNameValidTLD) CheckApplies ¶
func (l *DNSNameValidTLD) CheckApplies(c *x509.Certificate) bool
func (*DNSNameValidTLD) Execute ¶
func (l *DNSNameValidTLD) Execute(c *x509.Certificate) *LintResult
func (*DNSNameValidTLD) Initialize ¶
func (l *DNSNameValidTLD) Initialize() error
type DNSNameWildcardLeftofPublicSuffix ¶
type DNSNameWildcardLeftofPublicSuffix struct{}
func (*DNSNameWildcardLeftofPublicSuffix) CheckApplies ¶
func (l *DNSNameWildcardLeftofPublicSuffix) CheckApplies(c *x509.Certificate) bool
func (*DNSNameWildcardLeftofPublicSuffix) Execute ¶
func (l *DNSNameWildcardLeftofPublicSuffix) Execute(c *x509.Certificate) *LintResult
func (*DNSNameWildcardLeftofPublicSuffix) Initialize ¶
func (l *DNSNameWildcardLeftofPublicSuffix) Initialize() error
type DNSNameWildcardOnlyInLeftlabel ¶
type DNSNameWildcardOnlyInLeftlabel struct{}
func (*DNSNameWildcardOnlyInLeftlabel) CheckApplies ¶
func (l *DNSNameWildcardOnlyInLeftlabel) CheckApplies(c *x509.Certificate) bool
func (*DNSNameWildcardOnlyInLeftlabel) Execute ¶
func (l *DNSNameWildcardOnlyInLeftlabel) Execute(c *x509.Certificate) *LintResult
func (*DNSNameWildcardOnlyInLeftlabel) Initialize ¶
func (l *DNSNameWildcardOnlyInLeftlabel) Initialize() error
type ExtAiaMarkedCritical ¶
type ExtAiaMarkedCritical struct{}
func (*ExtAiaMarkedCritical) CheckApplies ¶
func (l *ExtAiaMarkedCritical) CheckApplies(cert *x509.Certificate) bool
func (*ExtAiaMarkedCritical) Execute ¶
func (l *ExtAiaMarkedCritical) Execute(cert *x509.Certificate) *LintResult
func (*ExtAiaMarkedCritical) Initialize ¶
func (l *ExtAiaMarkedCritical) Initialize() error
type ExtCertPolicyDuplicate ¶
type ExtCertPolicyDuplicate struct{}
func (*ExtCertPolicyDuplicate) CheckApplies ¶
func (l *ExtCertPolicyDuplicate) CheckApplies(cert *x509.Certificate) bool
func (*ExtCertPolicyDuplicate) Execute ¶
func (l *ExtCertPolicyDuplicate) Execute(cert *x509.Certificate) *LintResult
func (*ExtCertPolicyDuplicate) Initialize ¶
func (l *ExtCertPolicyDuplicate) Initialize() error
type ExtCertPolicyExplicitTextNotNFC ¶
type ExtCertPolicyExplicitTextNotNFC struct{}
func (*ExtCertPolicyExplicitTextNotNFC) CheckApplies ¶
func (l *ExtCertPolicyExplicitTextNotNFC) CheckApplies(c *x509.Certificate) bool
func (*ExtCertPolicyExplicitTextNotNFC) Execute ¶
func (l *ExtCertPolicyExplicitTextNotNFC) Execute(c *x509.Certificate) *LintResult
func (*ExtCertPolicyExplicitTextNotNFC) Initialize ¶
func (l *ExtCertPolicyExplicitTextNotNFC) Initialize() error
type ExtCrlDistributionMarkedCritical ¶
type ExtCrlDistributionMarkedCritical struct{}
func (*ExtCrlDistributionMarkedCritical) CheckApplies ¶
func (l *ExtCrlDistributionMarkedCritical) CheckApplies(cert *x509.Certificate) bool
func (*ExtCrlDistributionMarkedCritical) Execute ¶
func (l *ExtCrlDistributionMarkedCritical) Execute(cert *x509.Certificate) *LintResult
func (*ExtCrlDistributionMarkedCritical) Initialize ¶
func (l *ExtCrlDistributionMarkedCritical) Initialize() error
type ExtDuplicateExtension ¶
type ExtDuplicateExtension struct{}
func (*ExtDuplicateExtension) CheckApplies ¶
func (l *ExtDuplicateExtension) CheckApplies(cert *x509.Certificate) bool
func (*ExtDuplicateExtension) Execute ¶
func (l *ExtDuplicateExtension) Execute(cert *x509.Certificate) *LintResult
func (*ExtDuplicateExtension) Initialize ¶
func (l *ExtDuplicateExtension) Initialize() error
type ExtFreshestCrlMarkedCritical ¶
type ExtFreshestCrlMarkedCritical struct{}
func (*ExtFreshestCrlMarkedCritical) CheckApplies ¶
func (l *ExtFreshestCrlMarkedCritical) CheckApplies(cert *x509.Certificate) bool
func (*ExtFreshestCrlMarkedCritical) Execute ¶
func (l *ExtFreshestCrlMarkedCritical) Execute(cert *x509.Certificate) *LintResult
func (*ExtFreshestCrlMarkedCritical) Initialize ¶
func (l *ExtFreshestCrlMarkedCritical) Initialize() error
type ExtIANCritical ¶
type ExtIANCritical struct{}
func (*ExtIANCritical) CheckApplies ¶
func (l *ExtIANCritical) CheckApplies(cert *x509.Certificate) bool
func (*ExtIANCritical) Execute ¶
func (l *ExtIANCritical) Execute(cert *x509.Certificate) *LintResult
func (*ExtIANCritical) Initialize ¶
func (l *ExtIANCritical) Initialize() error
type ExtSANCriticalWithSubjectDN ¶
type ExtSANCriticalWithSubjectDN struct{}
func (*ExtSANCriticalWithSubjectDN) CheckApplies ¶
func (l *ExtSANCriticalWithSubjectDN) CheckApplies(cert *x509.Certificate) bool
func (*ExtSANCriticalWithSubjectDN) Execute ¶
func (l *ExtSANCriticalWithSubjectDN) Execute(cert *x509.Certificate) *LintResult
func (*ExtSANCriticalWithSubjectDN) Initialize ¶
func (l *ExtSANCriticalWithSubjectDN) Initialize() error
type IANDNSNotIA5String ¶
type IANDNSNotIA5String struct{}
func (*IANDNSNotIA5String) CheckApplies ¶
func (l *IANDNSNotIA5String) CheckApplies(c *x509.Certificate) bool
func (*IANDNSNotIA5String) Execute ¶
func (l *IANDNSNotIA5String) Execute(c *x509.Certificate) *LintResult
func (*IANDNSNotIA5String) Initialize ¶
func (l *IANDNSNotIA5String) Initialize() error
type IANDNSNull ¶
type IANDNSNull struct{}
func (*IANDNSNull) CheckApplies ¶
func (l *IANDNSNull) CheckApplies(c *x509.Certificate) bool
func (*IANDNSNull) Execute ¶
func (l *IANDNSNull) Execute(c *x509.Certificate) *LintResult
func (*IANDNSNull) Initialize ¶
func (l *IANDNSNull) Initialize() error
type IANDNSPeriod ¶
type IANDNSPeriod struct{}
func (*IANDNSPeriod) CheckApplies ¶
func (l *IANDNSPeriod) CheckApplies(c *x509.Certificate) bool
func (*IANDNSPeriod) Execute ¶
func (l *IANDNSPeriod) Execute(c *x509.Certificate) *LintResult
func (*IANDNSPeriod) Initialize ¶
func (l *IANDNSPeriod) Initialize() error
type IANEmail ¶
type IANEmail struct{}
func (*IANEmail) CheckApplies ¶
func (l *IANEmail) CheckApplies(c *x509.Certificate) bool
func (*IANEmail) Execute ¶
func (l *IANEmail) Execute(c *x509.Certificate) *LintResult
func (*IANEmail) Initialize ¶
type IANEmptyName ¶
type IANEmptyName struct{}
func (*IANEmptyName) CheckApplies ¶
func (l *IANEmptyName) CheckApplies(c *x509.Certificate) bool
func (*IANEmptyName) Execute ¶
func (l *IANEmptyName) Execute(c *x509.Certificate) *LintResult
func (*IANEmptyName) Initialize ¶
func (l *IANEmptyName) Initialize() error
type IANNoEntry ¶
type IANNoEntry struct{}
func (*IANNoEntry) CheckApplies ¶
func (l *IANNoEntry) CheckApplies(c *x509.Certificate) bool
func (*IANNoEntry) Execute ¶
func (l *IANNoEntry) Execute(c *x509.Certificate) *LintResult
func (*IANNoEntry) Initialize ¶
func (l *IANNoEntry) Initialize() error
type IANPubSuffix ¶
type IANPubSuffix struct{}
func (*IANPubSuffix) CheckApplies ¶
func (l *IANPubSuffix) CheckApplies(c *x509.Certificate) bool
func (*IANPubSuffix) Execute ¶
func (l *IANPubSuffix) Execute(c *x509.Certificate) *LintResult
func (*IANPubSuffix) Initialize ¶
func (l *IANPubSuffix) Initialize() error
type IANSpace ¶
type IANSpace struct{}
func (*IANSpace) CheckApplies ¶
func (l *IANSpace) CheckApplies(c *x509.Certificate) bool
func (*IANSpace) Execute ¶
func (l *IANSpace) Execute(c *x509.Certificate) *LintResult
func (*IANSpace) Initialize ¶
type IANURIFQDNOrIP ¶
type IANURIFQDNOrIP struct{}
func (*IANURIFQDNOrIP) CheckApplies ¶
func (l *IANURIFQDNOrIP) CheckApplies(c *x509.Certificate) bool
func (*IANURIFQDNOrIP) Execute ¶
func (l *IANURIFQDNOrIP) Execute(c *x509.Certificate) *LintResult
func (*IANURIFQDNOrIP) Initialize ¶
func (l *IANURIFQDNOrIP) Initialize() error
type IANURIFormat ¶
type IANURIFormat struct{}
func (*IANURIFormat) CheckApplies ¶
func (l *IANURIFormat) CheckApplies(c *x509.Certificate) bool
func (*IANURIFormat) Execute ¶
func (l *IANURIFormat) Execute(c *x509.Certificate) *LintResult
func (*IANURIFormat) Initialize ¶
func (l *IANURIFormat) Initialize() error
type IANURIIA5String ¶
type IANURIIA5String struct{}
func (*IANURIIA5String) CheckApplies ¶
func (l *IANURIIA5String) CheckApplies(c *x509.Certificate) bool
func (*IANURIIA5String) Execute ¶
func (l *IANURIIA5String) Execute(c *x509.Certificate) *LintResult
func (*IANURIIA5String) Initialize ¶
func (l *IANURIIA5String) Initialize() error
type IDNMalformedUnicode ¶
type IDNMalformedUnicode struct{}
func (*IDNMalformedUnicode) CheckApplies ¶
func (l *IDNMalformedUnicode) CheckApplies(c *x509.Certificate) bool
func (*IDNMalformedUnicode) Execute ¶
func (l *IDNMalformedUnicode) Execute(c *x509.Certificate) *LintResult
func (*IDNMalformedUnicode) Initialize ¶
func (l *IDNMalformedUnicode) Initialize() error
type IDNNotNFC ¶
type IDNNotNFC struct{}
func (*IDNNotNFC) CheckApplies ¶
func (l *IDNNotNFC) CheckApplies(c *x509.Certificate) bool
func (*IDNNotNFC) Execute ¶
func (l *IDNNotNFC) Execute(c *x509.Certificate) *LintResult
func (*IDNNotNFC) Initialize ¶
type InhibitAnyPolicyNotCritical ¶
type InhibitAnyPolicyNotCritical struct{}
func (*InhibitAnyPolicyNotCritical) CheckApplies ¶
func (l *InhibitAnyPolicyNotCritical) CheckApplies(cert *x509.Certificate) bool
func (*InhibitAnyPolicyNotCritical) Execute ¶
func (l *InhibitAnyPolicyNotCritical) Execute(cert *x509.Certificate) *LintResult
func (*InhibitAnyPolicyNotCritical) Initialize ¶
func (l *InhibitAnyPolicyNotCritical) Initialize() error
type InvalidCertificateVersion ¶
type InvalidCertificateVersion struct{}
func (*InvalidCertificateVersion) CheckApplies ¶
func (l *InvalidCertificateVersion) CheckApplies(cert *x509.Certificate) bool
func (*InvalidCertificateVersion) Execute ¶
func (l *InvalidCertificateVersion) Execute(cert *x509.Certificate) *LintResult
func (*InvalidCertificateVersion) Initialize ¶
func (l *InvalidCertificateVersion) Initialize() error
type IssuerDNCountryNotPrintableString ¶
type IssuerDNCountryNotPrintableString struct{}
func (*IssuerDNCountryNotPrintableString) CheckApplies ¶
func (l *IssuerDNCountryNotPrintableString) CheckApplies(c *x509.Certificate) bool
func (*IssuerDNCountryNotPrintableString) Execute ¶
func (l *IssuerDNCountryNotPrintableString) Execute(c *x509.Certificate) *LintResult
func (*IssuerDNCountryNotPrintableString) Initialize ¶
func (l *IssuerDNCountryNotPrintableString) Initialize() error
type IssuerDNLeadingSpace ¶
type IssuerDNLeadingSpace struct{}
func (*IssuerDNLeadingSpace) CheckApplies ¶
func (l *IssuerDNLeadingSpace) CheckApplies(c *x509.Certificate) bool
func (*IssuerDNLeadingSpace) Execute ¶
func (l *IssuerDNLeadingSpace) Execute(c *x509.Certificate) *LintResult
func (*IssuerDNLeadingSpace) Initialize ¶
func (l *IssuerDNLeadingSpace) Initialize() error
type IssuerDNTrailingSpace ¶
type IssuerDNTrailingSpace struct{}
func (*IssuerDNTrailingSpace) CheckApplies ¶
func (l *IssuerDNTrailingSpace) CheckApplies(c *x509.Certificate) bool
func (*IssuerDNTrailingSpace) Execute ¶
func (l *IssuerDNTrailingSpace) Execute(c *x509.Certificate) *LintResult
func (*IssuerDNTrailingSpace) Initialize ¶
func (l *IssuerDNTrailingSpace) Initialize() error
type IssuerRDNHasMultipleAttribute ¶
type IssuerRDNHasMultipleAttribute struct{}
func (*IssuerRDNHasMultipleAttribute) CheckApplies ¶
func (l *IssuerRDNHasMultipleAttribute) CheckApplies(c *x509.Certificate) bool
func (*IssuerRDNHasMultipleAttribute) Execute ¶
func (l *IssuerRDNHasMultipleAttribute) Execute(c *x509.Certificate) *LintResult
func (*IssuerRDNHasMultipleAttribute) Initialize ¶
func (l *IssuerRDNHasMultipleAttribute) Initialize() error
type Lint ¶
type Lint struct { // Name is a lowercase underscore-separated string describing what a given // Lint checks. If Name beings with "w", the lint MUST NOT return Error, only // Warn. If Name beings with "e", the Lint MUST NOT return Warn, only Error. Name string `json:"name,omitempty"` // A human-readable description of what the Lint checks. Usually copied // directly from the CA/B Baseline Requirements or RFC 5280. Description string `json:"description,omitempty"` // The source of the check, e.g. "BRs: 6.1.6" or "RFC 5280: 4.1.2.6". Citation string `json:"citation,omitempty"` // Programmatic source of the check, BRs, RFC5280, or ZLint Source LintSource `json:"-"` // Lints automatically returns NE for all certificates where CheckApplies() is // true but with NotBefore < EffectiveDate. This check is bypassed if // EffectiveDate is zero. EffectiveDate time.Time `json:"-"` // The implementation of the lint logic. Lint LintInterface `json:"-"` }
A Lint struct represents a single lint, e.g. "e_basic_constraints_not_critical". It contains an implementation of LintInterface.
func (*Lint) CheckEffective ¶
func (l *Lint) CheckEffective(c *x509.Certificate) bool
CheckEffective returns true if c was issued on or after the EffectiveDate. If EffectiveDate is zero, CheckEffective always returns true.
func (*Lint) Execute ¶
func (l *Lint) Execute(cert *x509.Certificate) *LintResult
Execute runs the lint against a certificate. For lints that are sourced from the CA/B Forum Baseline Requirements, we first determine if they are within the purview of the BRs. See LintInterface for details about the other methods called. The ordering is as follows:
CheckApplies() CheckEffective() Execute()
type LintInterface ¶
type LintInterface interface { // Initialize runs once per-lint. It is called during RegisterLint(). Initialize() error // CheckApplies runs once per certificate. It returns true if the Lint should // run on the given certificate. If CheckApplies returns false, the Lint // result is automatically set to NA without calling CheckEffective() or // Run(). CheckApplies(c *x509.Certificate) bool // Execute() is the body of the lint. It is called for every certificate for // which CheckApplies() returns true. Execute(c *x509.Certificate) *LintResult }
LintInterface is implemented by each Lint.
type LintResult ¶
type LintResult struct { Status LintStatus `json:"result"` Details string `json:"details,omitempty"` }
LintResult contains a LintStatus, and an optional human-readable description. The output of a lint is a LintResult.
type LintSource ¶
type LintSource int
An Enum to programmatically represent the source of a lint
const ( UnknownLintSource LintSource = iota CABFBaselineRequirements RFC5280 RFC5891 ZLint AWSLabs )
type LintStatus ¶
type LintStatus int
LintStatus is an enum returned by lints inside of a LintResult.
const ( // Unused / unset LintStatus Reserved LintStatus = 0 // Not Applicable NA LintStatus = 1 // Not Effective NE LintStatus = 2 Pass LintStatus = 3 Notice LintStatus = 4 Warn LintStatus = 5 Error LintStatus = 6 Fatal LintStatus = 7 )
Known LintStatus values
func (LintStatus) MarshalJSON ¶
func (e LintStatus) MarshalJSON() ([]byte, error)
MarshalJSON implements the json.Marshaler interface.
func (LintStatus) String ¶
func (e LintStatus) String() string
String returns the canonical representation of a LintStatus as a string.
type SANDNSNotIA5String ¶
type SANDNSNotIA5String struct{}
func (*SANDNSNotIA5String) CheckApplies ¶
func (l *SANDNSNotIA5String) CheckApplies(c *x509.Certificate) bool
func (*SANDNSNotIA5String) Execute ¶
func (l *SANDNSNotIA5String) Execute(c *x509.Certificate) *LintResult
func (*SANDNSNotIA5String) Initialize ¶
func (l *SANDNSNotIA5String) Initialize() error
type SANDNSNull ¶
type SANDNSNull struct{}
func (*SANDNSNull) CheckApplies ¶
func (l *SANDNSNull) CheckApplies(c *x509.Certificate) bool
func (*SANDNSNull) Execute ¶
func (l *SANDNSNull) Execute(c *x509.Certificate) *LintResult
func (*SANDNSNull) Initialize ¶
func (l *SANDNSNull) Initialize() error
type SANDNSPeriod ¶
type SANDNSPeriod struct{}
func (*SANDNSPeriod) CheckApplies ¶
func (l *SANDNSPeriod) CheckApplies(c *x509.Certificate) bool
func (*SANDNSPeriod) Execute ¶
func (l *SANDNSPeriod) Execute(c *x509.Certificate) *LintResult
func (*SANDNSPeriod) Initialize ¶
func (l *SANDNSPeriod) Initialize() error
type SANDNSTooLong ¶
type SANDNSTooLong struct{}
func (*SANDNSTooLong) CheckApplies ¶
func (l *SANDNSTooLong) CheckApplies(c *x509.Certificate) bool
func (*SANDNSTooLong) Execute ¶
func (l *SANDNSTooLong) Execute(c *x509.Certificate) *LintResult
func (*SANDNSTooLong) Initialize ¶
func (l *SANDNSTooLong) Initialize() error
type SANDirName ¶
type SANDirName struct{}
func (*SANDirName) CheckApplies ¶
func (l *SANDirName) CheckApplies(c *x509.Certificate) bool
func (*SANDirName) Execute ¶
func (l *SANDirName) Execute(c *x509.Certificate) *LintResult
func (*SANDirName) Initialize ¶
func (l *SANDirName) Initialize() error
type SANEDI ¶
type SANEDI struct{}
func (*SANEDI) CheckApplies ¶
func (l *SANEDI) CheckApplies(c *x509.Certificate) bool
func (*SANEDI) Execute ¶
func (l *SANEDI) Execute(c *x509.Certificate) *LintResult
func (*SANEDI) Initialize ¶
type SANEmptyName ¶
type SANEmptyName struct{}
func (*SANEmptyName) CheckApplies ¶
func (l *SANEmptyName) CheckApplies(c *x509.Certificate) bool
func (*SANEmptyName) Execute ¶
func (l *SANEmptyName) Execute(c *x509.Certificate) *LintResult
func (*SANEmptyName) Initialize ¶
func (l *SANEmptyName) Initialize() error
type SANIsSpaceDNS ¶
type SANIsSpaceDNS struct{}
func (*SANIsSpaceDNS) CheckApplies ¶
func (l *SANIsSpaceDNS) CheckApplies(c *x509.Certificate) bool
func (*SANIsSpaceDNS) Execute ¶
func (l *SANIsSpaceDNS) Execute(c *x509.Certificate) *LintResult
func (*SANIsSpaceDNS) Initialize ¶
func (l *SANIsSpaceDNS) Initialize() error
type SANMissing ¶
type SANMissing struct{}
func (*SANMissing) CheckApplies ¶
func (l *SANMissing) CheckApplies(c *x509.Certificate) bool
func (*SANMissing) Execute ¶
func (l *SANMissing) Execute(c *x509.Certificate) *LintResult
func (*SANMissing) Initialize ¶
func (l *SANMissing) Initialize() error
type SANNoEntry ¶
type SANNoEntry struct{}
func (*SANNoEntry) CheckApplies ¶
func (l *SANNoEntry) CheckApplies(c *x509.Certificate) bool
func (*SANNoEntry) Execute ¶
func (l *SANNoEntry) Execute(c *x509.Certificate) *LintResult
func (*SANNoEntry) Initialize ¶
func (l *SANNoEntry) Initialize() error
type SANOtherName ¶
type SANOtherName struct{}
func (*SANOtherName) CheckApplies ¶
func (l *SANOtherName) CheckApplies(c *x509.Certificate) bool
func (*SANOtherName) Execute ¶
func (l *SANOtherName) Execute(c *x509.Certificate) *LintResult
func (*SANOtherName) Initialize ¶
func (l *SANOtherName) Initialize() error
type SANRegId ¶
type SANRegId struct{}
func (*SANRegId) CheckApplies ¶
func (l *SANRegId) CheckApplies(c *x509.Certificate) bool
func (*SANRegId) Execute ¶
func (l *SANRegId) Execute(c *x509.Certificate) *LintResult
func (*SANRegId) Initialize ¶
type SANReservedIP ¶
type SANReservedIP struct{}
func (*SANReservedIP) CheckApplies ¶
func (l *SANReservedIP) CheckApplies(c *x509.Certificate) bool
func (*SANReservedIP) Execute ¶
func (l *SANReservedIP) Execute(c *x509.Certificate) *LintResult
func (*SANReservedIP) Initialize ¶
func (l *SANReservedIP) Initialize() error
type SANRfc822 ¶
type SANRfc822 struct{}
func (*SANRfc822) CheckApplies ¶
func (l *SANRfc822) CheckApplies(c *x509.Certificate) bool
func (*SANRfc822) Execute ¶
func (l *SANRfc822) Execute(c *x509.Certificate) *LintResult
func (*SANRfc822) Initialize ¶
type SANURI ¶
type SANURI struct{}
func (*SANURI) CheckApplies ¶
func (l *SANURI) CheckApplies(c *x509.Certificate) bool
func (*SANURI) Execute ¶
func (l *SANURI) Execute(c *x509.Certificate) *LintResult
func (*SANURI) Initialize ¶
type SANURIHost ¶
type SANURIHost struct{}
func (*SANURIHost) CheckApplies ¶
func (l *SANURIHost) CheckApplies(c *x509.Certificate) bool
func (*SANURIHost) Execute ¶
func (l *SANURIHost) Execute(c *x509.Certificate) *LintResult
func (*SANURIHost) Initialize ¶
func (l *SANURIHost) Initialize() error
type SANWildCardFirst ¶
type SANWildCardFirst struct{}
func (*SANWildCardFirst) CheckApplies ¶
func (l *SANWildCardFirst) CheckApplies(c *x509.Certificate) bool
func (*SANWildCardFirst) Execute ¶
func (l *SANWildCardFirst) Execute(c *x509.Certificate) *LintResult
func (*SANWildCardFirst) Initialize ¶
func (l *SANWildCardFirst) Initialize() error
type SerialNumberNotPositive ¶
type SerialNumberNotPositive struct{}
func (*SerialNumberNotPositive) CheckApplies ¶
func (l *SerialNumberNotPositive) CheckApplies(cert *x509.Certificate) bool
func (*SerialNumberNotPositive) Execute ¶
func (l *SerialNumberNotPositive) Execute(cert *x509.Certificate) *LintResult
func (*SerialNumberNotPositive) Initialize ¶
func (l *SerialNumberNotPositive) Initialize() error
type SubCANameConstraintsNotCritical ¶
type SubCANameConstraintsNotCritical struct{}
func (*SubCANameConstraintsNotCritical) CheckApplies ¶
func (l *SubCANameConstraintsNotCritical) CheckApplies(cert *x509.Certificate) bool
func (*SubCANameConstraintsNotCritical) Execute ¶
func (l *SubCANameConstraintsNotCritical) Execute(cert *x509.Certificate) *LintResult
func (*SubCANameConstraintsNotCritical) Initialize ¶
func (l *SubCANameConstraintsNotCritical) Initialize() error
type SubjectDNCountryNotPrintableString ¶
type SubjectDNCountryNotPrintableString struct{}
func (*SubjectDNCountryNotPrintableString) CheckApplies ¶
func (l *SubjectDNCountryNotPrintableString) CheckApplies(c *x509.Certificate) bool
func (*SubjectDNCountryNotPrintableString) Execute ¶
func (l *SubjectDNCountryNotPrintableString) Execute(c *x509.Certificate) *LintResult
func (*SubjectDNCountryNotPrintableString) Initialize ¶
func (l *SubjectDNCountryNotPrintableString) Initialize() error
type SubjectDNLeadingSpace ¶
type SubjectDNLeadingSpace struct{}
func (*SubjectDNLeadingSpace) CheckApplies ¶
func (l *SubjectDNLeadingSpace) CheckApplies(c *x509.Certificate) bool
func (*SubjectDNLeadingSpace) Execute ¶
func (l *SubjectDNLeadingSpace) Execute(c *x509.Certificate) *LintResult
func (*SubjectDNLeadingSpace) Initialize ¶
func (l *SubjectDNLeadingSpace) Initialize() error
type SubjectDNSerialNumberMaxLength ¶
type SubjectDNSerialNumberMaxLength struct{}
func (*SubjectDNSerialNumberMaxLength) CheckApplies ¶
func (l *SubjectDNSerialNumberMaxLength) CheckApplies(c *x509.Certificate) bool
func (*SubjectDNSerialNumberMaxLength) Execute ¶
func (l *SubjectDNSerialNumberMaxLength) Execute(c *x509.Certificate) *LintResult
func (*SubjectDNSerialNumberMaxLength) Initialize ¶
func (l *SubjectDNSerialNumberMaxLength) Initialize() error
type SubjectDNSerialNumberNotPrintableString ¶
type SubjectDNSerialNumberNotPrintableString struct{}
func (*SubjectDNSerialNumberNotPrintableString) CheckApplies ¶
func (l *SubjectDNSerialNumberNotPrintableString) CheckApplies(c *x509.Certificate) bool
func (*SubjectDNSerialNumberNotPrintableString) Execute ¶
func (l *SubjectDNSerialNumberNotPrintableString) Execute(c *x509.Certificate) *LintResult
func (*SubjectDNSerialNumberNotPrintableString) Initialize ¶
func (l *SubjectDNSerialNumberNotPrintableString) Initialize() error
type SubjectDNTrailingSpace ¶
type SubjectDNTrailingSpace struct{}
func (*SubjectDNTrailingSpace) CheckApplies ¶
func (l *SubjectDNTrailingSpace) CheckApplies(c *x509.Certificate) bool
func (*SubjectDNTrailingSpace) Execute ¶
func (l *SubjectDNTrailingSpace) Execute(c *x509.Certificate) *LintResult
func (*SubjectDNTrailingSpace) Initialize ¶
func (l *SubjectDNTrailingSpace) Initialize() error
type SubjectRDNHasMultipleAttribute ¶
type SubjectRDNHasMultipleAttribute struct{}
func (*SubjectRDNHasMultipleAttribute) CheckApplies ¶
func (l *SubjectRDNHasMultipleAttribute) CheckApplies(c *x509.Certificate) bool
func (*SubjectRDNHasMultipleAttribute) Execute ¶
func (l *SubjectRDNHasMultipleAttribute) Execute(c *x509.Certificate) *LintResult
func (*SubjectRDNHasMultipleAttribute) Initialize ¶
func (l *SubjectRDNHasMultipleAttribute) Initialize() error
Source Files ¶
- base.go
- lint_basic_constraints_not_critical.go
- lint_ca_common_name_missing.go
- lint_ca_country_name_invalid.go
- lint_ca_country_name_missing.go
- lint_ca_crl_sign_not_set.go
- lint_ca_digital_signature_not_set.go
- lint_ca_is_ca.go
- lint_ca_key_cert_sign_not_set.go
- lint_ca_key_usage_missing.go
- lint_ca_key_usage_not_critical.go
- lint_ca_organization_name_missing.go
- lint_ca_subject_field_empty.go
- lint_cab_dv_conflicts_with_locality.go
- lint_cab_dv_conflicts_with_org.go
- lint_cab_dv_conflicts_with_postal.go
- lint_cab_dv_conflicts_with_province.go
- lint_cab_dv_conflicts_with_street.go
- lint_cab_iv_requires_personal_name.go
- lint_cab_ov_requires_org.go
- lint_cert_contains_unique_identifier.go
- lint_cert_extensions_version_not_3.go
- lint_cert_policy_iv_requires_country.go
- lint_cert_policy_iv_requires_province_or_locality.go
- lint_cert_policy_ov_requires_country.go
- lint_cert_policy_ov_requires_province_or_locality.go
- lint_cert_unique_identifier_version_not_2_or_3.go
- lint_dh_params_missing.go
- lint_distribution_point_incomplete.go
- lint_distribution_point_missing_ldap_or_uri.go
- lint_dnsname_bad_character_in_label.go
- lint_dnsname_check_left_label_wildcard.go
- lint_dnsname_contains_bare_iana_suffix.go
- lint_dnsname_contains_empty_label.go
- lint_dnsname_hyphen_in_sld.go
- lint_dnsname_label_too_long.go
- lint_dnsname_right_label_valid_tld.go
- lint_dnsname_underscore_in_sld.go
- lint_dnsname_underscore_in_trd.go
- lint_dnsname_wildcard_left_of_public_suffix.go
- lint_dnsname_wildcard_only_in_left_label.go
- lint_dsa_correct_order_in_subgroup.go
- lint_dsa_improper_modulus_or_divisor_size.go
- lint_dsa_shorter_than_2048_bits.go
- lint_dsa_unique_correct_representation.go
- lint_ec_improper_curves.go
- lint_eku_critical_improperly.go
- lint_ev_business_category_missing.go
- lint_ev_country_name_missing.go
- lint_ev_organization_name_missing.go
- lint_ev_serial_number_missing.go
- lint_ev_valid_time_too_long.go
- lint_ext_aia_access_location_missing.go
- lint_ext_aia_marked_critical.go
- lint_ext_authority_key_identifier_critical.go
- lint_ext_authority_key_identifier_missing.go
- lint_ext_authority_key_identifier_no_key_identifier.go
- lint_ext_cert_policy_contains_noticeref.go
- lint_ext_cert_policy_disallowed_any_policy_qualifier.go
- lint_ext_cert_policy_duplicate.go
- lint_ext_cert_policy_explicit_text_ia5_string.go
- lint_ext_cert_policy_explicit_text_includes_control.go
- lint_ext_cert_policy_explicit_text_not_nfc.go
- lint_ext_cert_policy_explicit_text_not_utf8.go
- lint_ext_cert_policy_explicit_text_too_long.go
- lint_ext_crl_distribution_marked_critical.go
- lint_ext_duplicate_extension.go
- lint_ext_freshest_crl_marked_critical.go
- lint_ext_ian_critical.go
- lint_ext_ian_dns_not_ia5_string.go
- lint_ext_ian_empty_name.go
- lint_ext_ian_no_entries.go
- lint_ext_ian_rfc822_format_invalid.go
- lint_ext_ian_space_dns_name.go
- lint_ext_ian_uri_format_invalid.go
- lint_ext_ian_uri_host_not_fqdn_or_ip.go
- lint_ext_ian_uri_not_ia5.go
- lint_ext_ian_uri_relative.go
- lint_ext_key_usage_cert_sign_without_ca.go
- lint_ext_key_usage_not_critical.go
- lint_ext_key_usage_without_bits.go
- lint_ext_name_constraints_not_critical.go
- lint_ext_name_constraints_not_in_ca.go
- lint_ext_policy_constraints_empty.go
- lint_ext_policy_constraints_not_critical.go
- lint_ext_policy_map_any_policy.go
- lint_ext_policy_map_not_critical.go
- lint_ext_policy_map_not_in_cert_policy.go
- lint_ext_san_contains_reserved_ip.go
- lint_ext_san_critical_with_subject_dn.go
- lint_ext_san_directory_name_present.go
- lint_ext_san_dns_name_too_long.go
- lint_ext_san_dns_not_ia5_string.go
- lint_ext_san_edi_party_name_present.go
- lint_ext_san_empty_name.go
- lint_ext_san_missing.go
- lint_ext_san_no_entries.go
- lint_ext_san_not_critical_without_subject.go
- lint_ext_san_other_name_present.go
- lint_ext_san_registered_id_present.go
- lint_ext_san_rfc822_format_invalid.go
- lint_ext_san_rfc822_name_present.go
- lint_ext_san_space_dns_name.go
- lint_ext_san_uniform_resource_identifier_present.go
- lint_ext_san_uri_format_invalid.go
- lint_ext_san_uri_host_not_fqdn_or_ip.go
- lint_ext_san_uri_not_ia5.go
- lint_ext_san_uri_relative.go
- lint_ext_subject_directory_attr_critical.go
- lint_ext_subject_key_identifier_critical.go
- lint_ext_subject_key_identifier_missing_ca.go
- lint_ext_subject_key_identifier_missing_sub_cert.go
- lint_generalized_time_does_not_include_seconds.go
- lint_generalized_time_includes_fraction_seconds.go
- lint_generalized_time_not_in_zulu.go
- lint_ian_bare_wildcard.go
- lint_ian_dns_name_includes_null_char.go
- lint_ian_dns_name_starts_with_period.go
- lint_ian_iana_pub_suffix_empty.go
- lint_ian_wildcard_not_first.go
- lint_idn_dnsname_malformed_unicode.go
- lint_idn_dnsname_must_be_nfc.go
- lint_inhibit_any_policy_not_critical.go
- lint_invalid_certificate_version.go
- lint_is_redacted_cert.go
- lint_issuer_dn_country_not_printable_string.go
- lint_issuer_dn_leading_whitespace.go
- lint_issuer_dn_trailing_whitespace.go
- lint_issuer_field_empty.go
- lint_issuer_multiple_rdn.go
- lint_name_constraint_empty.go
- lint_name_constraint_maximum_not_absent.go
- lint_name_constraint_minimum_non_zero.go
- lint_name_constraint_on_edi_party_name.go
- lint_name_constraint_on_registered_id.go
- lint_name_constraint_on_x400.go
- lint_old_root_ca_rsa_mod_less_than_2048_bits.go
- lint_old_sub_ca_rsa_mod_less_than_1024_bits.go
- lint_old_sub_cert_rsa_mod_less_than_1024_bits.go
- lint_path_len_constraint_improperly_included.go
- lint_path_len_constraint_zero_or_less.go
- lint_public_key_type_not_allowed.go
- lint_root_ca_basic_constraints_path_len_constraint_field_present.go
- lint_root_ca_contains_cert_policy.go
- lint_root_ca_extended_key_usage_present.go
- lint_root_ca_key_usage_must_be_critical.go
- lint_root_ca_key_usage_present.go
- lint_rsa_exp_negative.go
- lint_rsa_mod_factors_smaller_than_752_bits.go
- lint_rsa_mod_less_than_2048_bits.go
- lint_rsa_mod_not_odd.go
- lint_rsa_no_public_key.go
- lint_rsa_public_exponent_not_in_range.go
- lint_rsa_public_exponent_not_odd.go
- lint_rsa_public_exponent_too_small.go
- lint_san_bare_wildcard.go
- lint_san_dns_name_includes_null_char.go
- lint_san_dns_name_starts_with_period.go
- lint_san_iana_pub_suffix_empty.go
- lint_san_wildcard_not_first.go
- lint_serial_number_longer_than_20_octets.go
- lint_serial_number_low_entropy.go
- lint_serial_number_not_positive.go
- lint_signature_algorithm_not_supported.go
- lint_sub_ca_aia_does_not_contain_issuing_ca_url.go
- lint_sub_ca_aia_does_not_contain_ocsp_url.go
- lint_sub_ca_aia_marked_critical.go
- lint_sub_ca_aia_missing.go
- lint_sub_ca_certificate_policies_marked_critical.go
- lint_sub_ca_certificate_policies_missing.go
- lint_sub_ca_crl_distribution_points_does_not_contain_url.go
- lint_sub_ca_crl_distribution_points_marked_critical.go
- lint_sub_ca_crl_distribution_points_missing.go
- lint_sub_ca_eku_critical.go
- lint_sub_ca_eku_missing.go
- lint_sub_ca_eku_valid_fields.go
- lint_sub_ca_name_constraints_not_critical.go
- lint_sub_cert_aia_does_not_contain_issuing_ca_url.go
- lint_sub_cert_aia_does_not_contain_ocsp_url.go
- lint_sub_cert_aia_marked_critical.go
- lint_sub_cert_aia_missing.go
- lint_sub_cert_cert_policy_empty.go
- lint_sub_cert_certificate_policies_marked_critical.go
- lint_sub_cert_certificate_policies_missing.go
- lint_sub_cert_country_name_must_appear.go
- lint_sub_cert_crl_distribution_points_does_not_contain_url.go
- lint_sub_cert_crl_distribution_points_marked_critical.go
- lint_sub_cert_eku_extra_values.go
- lint_sub_cert_eku_missing.go
- lint_sub_cert_eku_server_auth_client_auth_missing.go
- lint_sub_cert_gn_sn_contains_policy.go
- lint_sub_cert_is_ca.go
- lint_sub_cert_key_usage_cert_sign_bit_set.go
- lint_sub_cert_key_usage_crl_sign_bit_set.go
- lint_sub_cert_locality_name_must_appear.go
- lint_sub_cert_locality_name_must_not_appear.go
- lint_sub_cert_or_sub_ca_using_sha1.go
- lint_sub_cert_postal_code_prohibited.go
- lint_sub_cert_province_must_appear.go
- lint_sub_cert_province_must_not_appear.go
- lint_sub_cert_sha1_expiration_too_long.go
- lint_sub_cert_street_address_should_not_exist.go
- lint_sub_cert_valid_time_longer_than_39_months.go
- lint_sub_cert_valid_time_longer_than_825_days.go
- lint_subject_common_name_included.go
- lint_subject_common_name_max_length.go
- lint_subject_common_name_not_from_san.go
- lint_subject_contains_noninformational_value.go
- lint_subject_contains_reserved_ip.go
- lint_subject_country_not_iso.go
- lint_subject_dn_country_not_printable_string.go
- lint_subject_dn_leading_whitespace.go
- lint_subject_dn_serial_number_max_length.go
- lint_subject_dn_serial_number_not_printable_string.go
- lint_subject_dn_trailing_whitespace.go
- lint_subject_email_max_length.go
- lint_subject_empty_without_san.go
- lint_subject_given_name_max_length.go
- lint_subject_info_access_marked_critical.go
- lint_subject_locality_name_max_length.go
- lint_subject_multiple_rdn.go
- lint_subject_not_dn.go
- lint_subject_organization_name_max_length.go
- lint_subject_organizational_unit_name_max_length.go
- lint_subject_postal_code_max_length.go
- lint_subject_state_name_max_length.go
- lint_subject_street_address_max_length.go
- lint_subject_surname_max_length.go
- lint_utc_time_does_not_include_seconds.go
- lint_utc_time_not_in_zulu.go
- lint_validity_time_not_positive.go
- lint_wrong_time_format_pre2050.go
- result.go
- testingUtil.go