rfc

package
v3.6.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 4, 2025 License: Apache-2.0 Imports: 22 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAiaNoHTTPorLDAP added in v3.3.0 

func NewAiaNoHTTPorLDAP() lint.LintInterface

func NewAuthorityKeyIdCritical added in v3.3.0 

func NewAuthorityKeyIdCritical() lint.LintInterface

func NewAuthorityKeyIdNoKeyIdField added in v3.3.0 

func NewAuthorityKeyIdNoKeyIdField() lint.LintInterface

func NewBasicConstCrit added in v3.3.0 

func NewBasicConstCrit() lint.LintInterface

func NewCaSubjectEmpty added in v3.3.0 

func NewCaSubjectEmpty() lint.LintInterface

func NewCertContainsUniqueIdentifier added in v3.3.0 

func NewCertContainsUniqueIdentifier() lint.LintInterface

func NewCertExtensionInvalidDER added in v3.6.3 

func NewCertExtensionInvalidDER() lint.LintInterface

func NewCertExtensionsVersonNot3 added in v3.3.0 

func NewCertExtensionsVersonNot3() lint.LintInterface

func NewCertUniqueIdVersion added in v3.3.0 

func NewCertUniqueIdVersion() lint.LintInterface

func NewCheckKeyUsageCritical added in v3.3.0 

func NewCheckKeyUsageCritical() lint.LintInterface

func NewControlChar added in v3.3.0 

func NewControlChar() lint.LintInterface

func NewCrlHasNextUpdate added in v3.5.0 

func NewCrlHasNextUpdate() lint.RevocationListLintInterface

func NewCrlHasValidReasonCode added in v3.6.0 

func NewCrlHasValidReasonCode() lint.RevocationListLintInterface

func NewDNSNameEmptyLabel added in v3.3.0 

func NewDNSNameEmptyLabel() lint.LintInterface

func NewDNSNameHyphenInSLD added in v3.3.0 

func NewDNSNameHyphenInSLD() lint.LintInterface

func NewDNSNameLabelLengthTooLong added in v3.3.0 

func NewDNSNameLabelLengthTooLong() lint.LintInterface

func NewDNSNameUnderscoreInSLD added in v3.3.0 

func NewDNSNameUnderscoreInSLD() lint.LintInterface

func NewDNSNameUnderscoreInTRD added in v3.3.0 

func NewDNSNameUnderscoreInTRD() lint.LintInterface

func NewDistribNoLDAPorURI added in v3.3.0 

func NewDistribNoLDAPorURI() lint.LintInterface

func NewDpIncomplete added in v3.3.0 

func NewDpIncomplete() lint.LintInterface

func NewEcdsaAllowedKU added in v3.4.0 

func NewEcdsaAllowedKU() lint.LintInterface

func NewEcdsaInvalidKU added in v3.3.0 

func NewEcdsaInvalidKU() lint.LintInterface

func NewEkuBadCritical added in v3.3.0 

func NewEkuBadCritical() lint.LintInterface

func NewEmptyRevokedCertificates added in v3.6.3 

func NewEmptyRevokedCertificates() lint.RevocationListLintInterface

func NewEmptyRevokedCerts added in v3.6.3 

func NewEmptyRevokedCerts() lint.RevocationListLintInterface

func NewEmptySCTList added in v3.6.3 

func NewEmptySCTList() lint.LintInterface

func NewEmptyWithoutSAN added in v3.3.0 

func NewEmptyWithoutSAN() lint.LintInterface

func NewExplicitTextIA5String added in v3.3.0 

func NewExplicitTextIA5String() lint.LintInterface

func NewExplicitTextTooLong added in v3.3.0 

func NewExplicitTextTooLong() lint.LintInterface

func NewExplicitTextUtf8 added in v3.3.0 

func NewExplicitTextUtf8() lint.LintInterface

func NewExtAiaMarkedCritical added in v3.3.0 

func NewExtAiaMarkedCritical() lint.LintInterface

func NewExtCertPolicyDuplicate added in v3.3.0 

func NewExtCertPolicyDuplicate() lint.LintInterface

func NewExtCertPolicyExplicitTextNotNFC added in v3.3.0 

func NewExtCertPolicyExplicitTextNotNFC() lint.LintInterface

func NewExtCrlDistributionMarkedCritical added in v3.3.0 

func NewExtCrlDistributionMarkedCritical() lint.LintInterface

func NewExtDuplicateExtension added in v3.3.0 

func NewExtDuplicateExtension() lint.LintInterface

func NewExtFreshestCrlMarkedCritical added in v3.3.0 

func NewExtFreshestCrlMarkedCritical() lint.LintInterface

func NewExtIANCritical added in v3.3.0 

func NewExtIANCritical() lint.LintInterface

func NewExtSANNotCritNoSubject added in v3.3.0 

func NewExtSANNotCritNoSubject() lint.LintInterface

func NewExtSANURIFormatInvalid added in v3.3.0 

func NewExtSANURIFormatInvalid() lint.LintInterface

func NewExtSANURINotIA5 added in v3.3.0 

func NewExtSANURINotIA5() lint.LintInterface

func NewExtSANURIRelative added in v3.3.0 

func NewExtSANURIRelative() lint.LintInterface

func NewGeneralizedNoSeconds added in v3.3.0 

func NewGeneralizedNoSeconds() lint.LintInterface

func NewGeneralizedNotZulu added in v3.3.0 

func NewGeneralizedNotZulu() lint.LintInterface

func NewGeneralizedPre2050 added in v3.3.0 

func NewGeneralizedPre2050() lint.LintInterface

func NewGeneralizedTimeFraction added in v3.3.0 

func NewGeneralizedTimeFraction() lint.LintInterface

func NewIANDNSNotIA5String added in v3.3.0 

func NewIANDNSNotIA5String() lint.LintInterface

func NewIANEmail added in v3.3.0 

func NewIANEmail() lint.LintInterface

func NewIANEmptyName added in v3.3.0 

func NewIANEmptyName() lint.LintInterface

func NewIANNoEntry added in v3.3.0 

func NewIANNoEntry() lint.LintInterface

func NewIANSpace added in v3.3.0 

func NewIANSpace() lint.LintInterface

func NewIANURIFQDNOrIP added in v3.3.0 

func NewIANURIFQDNOrIP() lint.LintInterface

func NewIANURIFormat added in v3.3.0 

func NewIANURIFormat() lint.LintInterface

func NewIANURIIA5String added in v3.3.0 

func NewIANURIIA5String() lint.LintInterface

func NewIDNMalformedUnicode added in v3.3.0 

func NewIDNMalformedUnicode() lint.LintInterface

func NewIDNNotNFC added in v3.3.0 

func NewIDNNotNFC() lint.LintInterface

func NewIncorrectKuEncoding added in v3.4.0 

func NewIncorrectKuEncoding() lint.LintInterface

func NewInhibitAnyPolicyNotCritical added in v3.3.0 

func NewInhibitAnyPolicyNotCritical() lint.LintInterface

func NewInvalidEmail added in v3.3.0 

func NewInvalidEmail() lint.LintInterface

func NewIssuerDNCountryNotPrintableString added in v3.3.0 

func NewIssuerDNCountryNotPrintableString() lint.LintInterface

func NewIssuerFieldEmpty added in v3.3.0 

func NewIssuerFieldEmpty() lint.LintInterface

func NewKUAndEKUInconsistent added in v3.6.0 

func NewKUAndEKUInconsistent() lint.LintInterface

func NewKeyUsageBitsSet added in v3.3.0 

func NewKeyUsageBitsSet() lint.LintInterface

func NewKeyUsageCertSignNoCa added in v3.3.0 

func NewKeyUsageCertSignNoCa() lint.LintInterface

func NewKeyUsageIncorrectLength added in v3.4.0 

func NewKeyUsageIncorrectLength() lint.LintInterface

func NewMismatchingSigAlg added in v3.3.0 

func NewMismatchingSigAlg() lint.LintInterface

func NewMissingCRLNumber added in v3.6.3 

func NewMissingCRLNumber() lint.RevocationListLintInterface

func NewNameConstMin added in v3.3.0 

func NewNameConstMin() lint.LintInterface

func NewNameConstraintCrit added in v3.3.0 

func NewNameConstraintCrit() lint.LintInterface

func NewNameConstraintEmpty added in v3.3.0 

func NewNameConstraintEmpty() lint.LintInterface

func NewNameConstraintMax added in v3.3.0 

func NewNameConstraintMax() lint.LintInterface

func NewNameConstraintNotCa added in v3.3.0 

func NewNameConstraintNotCa() lint.LintInterface

func NewNameConstraintNotFQDN added in v3.3.0 

func NewNameConstraintNotFQDN() lint.LintInterface

func NewNameConstraintOnEDI added in v3.3.0 

func NewNameConstraintOnEDI() lint.LintInterface

func NewNameConstraintOnRegisteredId added in v3.3.0 

func NewNameConstraintOnRegisteredId() lint.LintInterface

func NewNameConstraintOnX400 added in v3.3.0 

func NewNameConstraintOnX400() lint.LintInterface

func NewNoticeRefPres added in v3.3.0 

func NewNoticeRefPres() lint.LintInterface

func NewPathLenIncluded added in v3.3.0 

func NewPathLenIncluded() lint.LintInterface

func NewPathLenNonPositive added in v3.3.0 

func NewPathLenNonPositive() lint.LintInterface

func NewPolicyConstraintsContents added in v3.3.0 

func NewPolicyConstraintsContents() lint.LintInterface

func NewPolicyConstraintsCritical added in v3.3.0 

func NewPolicyConstraintsCritical() lint.LintInterface

func NewPolicyMapAnyPolicy added in v3.3.0 

func NewPolicyMapAnyPolicy() lint.LintInterface

func NewPolicyMapCritical added in v3.3.0 

func NewPolicyMapCritical() lint.LintInterface

func NewPolicyMapMatchesCertPolicy added in v3.3.0 

func NewPolicyMapMatchesCertPolicy() lint.LintInterface

func NewPreCertWithSCTList added in v3.6.3 

func NewPreCertWithSCTList() lint.LintInterface

func NewRsaAllowedKUCa added in v3.4.0 

func NewRsaAllowedKUCa() lint.LintInterface

func NewRsaAllowedKUCaNoEncipherment added in v3.4.0 

func NewRsaAllowedKUCaNoEncipherment() lint.LintInterface

func NewRsaAllowedKUEe added in v3.4.0 

func NewRsaAllowedKUEe() lint.LintInterface

func NewRsaSPKIEncryptionParamNotNULL added in v3.3.0 

func NewRsaSPKIEncryptionParamNotNULL() lint.LintInterface

func NewRsaTBSSignatureEncryptionParamNotNULL added in v3.3.0 

func NewRsaTBSSignatureEncryptionParamNotNULL() lint.LintInterface

func NewSANDNSNotIA5String added in v3.3.0 

func NewSANDNSNotIA5String() lint.LintInterface

func NewSANDNSTooLong added in v3.3.0 

func NewSANDNSTooLong() lint.LintInterface

func NewSANEmptyName added in v3.3.0 

func NewSANEmptyName() lint.LintInterface

func NewSANIsSpaceDNS added in v3.3.0 

func NewSANIsSpaceDNS() lint.LintInterface

func NewSANNoEntry added in v3.3.0 

func NewSANNoEntry() lint.LintInterface

func NewSANURIHost added in v3.3.0 

func NewSANURIHost() lint.LintInterface

func NewSerialNumberNotPositive added in v3.3.0 

func NewSerialNumberNotPositive() lint.LintInterface

func NewSerialNumberTooLong added in v3.3.0 

func NewSerialNumberTooLong() lint.LintInterface

func NewSiaCrit added in v3.3.0 

func NewSiaCrit() lint.LintInterface

func NewSubDirAttrCrit added in v3.3.0 

func NewSubDirAttrCrit() lint.LintInterface

func NewSubjectCommonNameMaxLength added in v3.3.0 

func NewSubjectCommonNameMaxLength() lint.LintInterface

func NewSubjectDN added in v3.3.0 

func NewSubjectDN() lint.LintInterface

func NewSubjectDNCountryNotPrintableString added in v3.3.0 

func NewSubjectDNCountryNotPrintableString() lint.LintInterface

func NewSubjectDNNotPrintableCharacters added in v3.3.0 

func NewSubjectDNNotPrintableCharacters() lint.LintInterface

func NewSubjectDNSerialNumberMaxLength added in v3.3.0 

func NewSubjectDNSerialNumberMaxLength() lint.LintInterface

func NewSubjectDNSerialNumberNotPrintableString added in v3.3.0 

func NewSubjectDNSerialNumberNotPrintableString() lint.LintInterface

func NewSubjectEmailMaxLength added in v3.3.0 

func NewSubjectEmailMaxLength() lint.LintInterface

func NewSubjectGivenNameMaxLength added in v3.3.0 

func NewSubjectGivenNameMaxLength() lint.LintInterface

func NewSubjectGivenNameRecommendedMaxLength added in v3.3.0 

func NewSubjectGivenNameRecommendedMaxLength() lint.LintInterface

func NewSubjectKeyIdCritical added in v3.3.0 

func NewSubjectKeyIdCritical() lint.LintInterface

func NewSubjectKeyIdMissingCA added in v3.3.0 

func NewSubjectKeyIdMissingCA() lint.LintInterface

func NewSubjectKeyIdMissingSubscriber added in v3.3.0 

func NewSubjectKeyIdMissingSubscriber() lint.LintInterface

func NewSubjectLocalityNameMaxLength added in v3.3.0 

func NewSubjectLocalityNameMaxLength() lint.LintInterface

func NewSubjectOrganizationNameMaxLength added in v3.3.0 

func NewSubjectOrganizationNameMaxLength() lint.LintInterface

func NewSubjectOrganizationalUnitNameMaxLength added in v3.3.0 

func NewSubjectOrganizationalUnitNameMaxLength() lint.LintInterface

func NewSubjectPostalCodeMaxLength added in v3.3.0 

func NewSubjectPostalCodeMaxLength() lint.LintInterface

func NewSubjectPrintableStringBadAlpha added in v3.3.0 

func NewSubjectPrintableStringBadAlpha() lint.LintInterface

func NewSubjectStateNameMaxLength added in v3.3.0 

func NewSubjectStateNameMaxLength() lint.LintInterface

func NewSubjectStreetAddressMaxLength added in v3.3.0 

func NewSubjectStreetAddressMaxLength() lint.LintInterface

func NewSubjectSurnameMaxLength added in v3.3.0 

func NewSubjectSurnameMaxLength() lint.LintInterface

func NewSubjectSurnameRecommendedMaxLength added in v3.3.0 

func NewSubjectSurnameRecommendedMaxLength() lint.LintInterface

func NewSuperfluousKuEncoding added in v3.4.0 

func NewSuperfluousKuEncoding() lint.LintInterface

func NewUnrecommendedQualifier added in v3.3.0 

func NewUnrecommendedQualifier() lint.LintInterface

func NewUriRelative added in v3.3.0 

func NewUriRelative() lint.LintInterface

func NewUtcNoSecond added in v3.3.0 

func NewUtcNoSecond() lint.LintInterface

func NewUtcTimeGMT added in v3.3.0 

func NewUtcTimeGMT() lint.LintInterface

Types

type CertContainsUniqueIdentifier 

type CertContainsUniqueIdentifier struct{}

func (*CertContainsUniqueIdentifier) CheckApplies 

func (l *CertContainsUniqueIdentifier) CheckApplies(cert *x509.Certificate) bool

func (*CertContainsUniqueIdentifier) Execute 

func (l *CertContainsUniqueIdentifier) Execute(cert *x509.Certificate) *lint.LintResult

type CertExtensionsVersonNot3 

type CertExtensionsVersonNot3 struct{}

func (*CertExtensionsVersonNot3) CheckApplies 

func (l *CertExtensionsVersonNot3) CheckApplies(cert *x509.Certificate) bool

func (*CertExtensionsVersonNot3) Execute 

func (l *CertExtensionsVersonNot3) Execute(cert *x509.Certificate) *lint.LintResult

type Certificate added in v3.6.3 

type Certificate struct {
	TbsCertificate     TBSCertificate
	SignatureAlgorithm pkix.AlgorithmIdentifier
	SignatureValue     asn1.BitString
}

This is just plain RFC 5280

type CertificateList added in v3.6.3 

type CertificateList struct {
	TbsCertList        TBSCertList
	SignatureAlgorithm pkix.AlgorithmIdentifier
	SignatureValue     asn1.BitString
}

type DNSNameEmptyLabel added in v3.3.0 

type DNSNameEmptyLabel struct{}

func (*DNSNameEmptyLabel) CheckApplies added in v3.3.0 

func (l *DNSNameEmptyLabel) CheckApplies(c *x509.Certificate) bool

func (*DNSNameEmptyLabel) Execute added in v3.3.0 

func (l *DNSNameEmptyLabel) Execute(c *x509.Certificate) *lint.LintResult

type DNSNameHyphenInSLD added in v3.3.0 

type DNSNameHyphenInSLD struct{}

func (*DNSNameHyphenInSLD) CheckApplies added in v3.3.0 

func (l *DNSNameHyphenInSLD) CheckApplies(c *x509.Certificate) bool

func (*DNSNameHyphenInSLD) Execute added in v3.3.0 

func (l *DNSNameHyphenInSLD) Execute(c *x509.Certificate) *lint.LintResult

type DNSNameLabelLengthTooLong added in v3.3.0 

type DNSNameLabelLengthTooLong struct{}

func (*DNSNameLabelLengthTooLong) CheckApplies added in v3.3.0 

func (l *DNSNameLabelLengthTooLong) CheckApplies(c *x509.Certificate) bool

func (*DNSNameLabelLengthTooLong) Execute added in v3.3.0 

func (l *DNSNameLabelLengthTooLong) Execute(c *x509.Certificate) *lint.LintResult

type DNSNameUnderscoreInSLD added in v3.3.0 

type DNSNameUnderscoreInSLD struct{}

func (*DNSNameUnderscoreInSLD) CheckApplies added in v3.3.0 

func (l *DNSNameUnderscoreInSLD) CheckApplies(c *x509.Certificate) bool

func (*DNSNameUnderscoreInSLD) Execute added in v3.3.0 

func (l *DNSNameUnderscoreInSLD) Execute(c *x509.Certificate) *lint.LintResult

type DNSNameUnderscoreInTRD added in v3.3.0 

type DNSNameUnderscoreInTRD struct{}

func (*DNSNameUnderscoreInTRD) CheckApplies added in v3.3.0 

func (l *DNSNameUnderscoreInTRD) CheckApplies(c *x509.Certificate) bool

func (*DNSNameUnderscoreInTRD) Execute added in v3.3.0 

func (l *DNSNameUnderscoreInTRD) Execute(c *x509.Certificate) *lint.LintResult

type ExtAiaMarkedCritical 

type ExtAiaMarkedCritical struct{}

func (*ExtAiaMarkedCritical) CheckApplies 

func (l *ExtAiaMarkedCritical) CheckApplies(cert *x509.Certificate) bool

func (*ExtAiaMarkedCritical) Execute 

func (l *ExtAiaMarkedCritical) Execute(cert *x509.Certificate) *lint.LintResult

type ExtCertPolicyDuplicate 

type ExtCertPolicyDuplicate struct{}

func (*ExtCertPolicyDuplicate) CheckApplies 

func (l *ExtCertPolicyDuplicate) CheckApplies(cert *x509.Certificate) bool

func (*ExtCertPolicyDuplicate) Execute 

func (l *ExtCertPolicyDuplicate) Execute(cert *x509.Certificate) *lint.LintResult

type ExtCertPolicyExplicitTextNotNFC 

type ExtCertPolicyExplicitTextNotNFC struct{}

func (*ExtCertPolicyExplicitTextNotNFC) CheckApplies 

func (l *ExtCertPolicyExplicitTextNotNFC) CheckApplies(c *x509.Certificate) bool

func (*ExtCertPolicyExplicitTextNotNFC) Execute 

func (l *ExtCertPolicyExplicitTextNotNFC) Execute(c *x509.Certificate) *lint.LintResult

type ExtCrlDistributionMarkedCritical 

type ExtCrlDistributionMarkedCritical struct{}

func (*ExtCrlDistributionMarkedCritical) CheckApplies 

func (l *ExtCrlDistributionMarkedCritical) CheckApplies(cert *x509.Certificate) bool

func (*ExtCrlDistributionMarkedCritical) Execute 

func (l *ExtCrlDistributionMarkedCritical) Execute(cert *x509.Certificate) *lint.LintResult

type ExtFreshestCrlMarkedCritical 

type ExtFreshestCrlMarkedCritical struct{}

func (*ExtFreshestCrlMarkedCritical) CheckApplies 

func (l *ExtFreshestCrlMarkedCritical) CheckApplies(cert *x509.Certificate) bool

func (*ExtFreshestCrlMarkedCritical) Execute 

func (l *ExtFreshestCrlMarkedCritical) Execute(cert *x509.Certificate) *lint.LintResult

type ExtIANCritical 

type ExtIANCritical struct{}

func (*ExtIANCritical) CheckApplies 

func (l *ExtIANCritical) CheckApplies(cert *x509.Certificate) bool

func (*ExtIANCritical) Execute 

func (l *ExtIANCritical) Execute(cert *x509.Certificate) *lint.LintResult

type Extension added in v3.6.3 

type Extension struct {
	Id asn1.ObjectIdentifier
	// This is either the 'critical' or the 'extnValue' field (see RFC 5280 section 4.1)
	// We can discriminate based on tag, since the two fields are of different ASN.1 types
	Field2 asn1.RawValue
	// If this is present, it can only be the 'extnValue' field
	// We need to be able to capture it, but we do not deal with it
	Field3 asn1.RawValue `asn1:"optional"`
}

* Modified syntax w/respect to RFC 5280, so we can detect whether * the critical field is actually present in the DER encoding

type IANDNSNotIA5String 

type IANDNSNotIA5String struct{}

func (*IANDNSNotIA5String) CheckApplies 

func (l *IANDNSNotIA5String) CheckApplies(c *x509.Certificate) bool

func (*IANDNSNotIA5String) Execute 

func (l *IANDNSNotIA5String) Execute(c *x509.Certificate) *lint.LintResult

type IANEmail 

type IANEmail struct{}

func (*IANEmail) CheckApplies 

func (l *IANEmail) CheckApplies(c *x509.Certificate) bool

func (*IANEmail) Execute 

func (l *IANEmail) Execute(c *x509.Certificate) *lint.LintResult

type IANEmptyName 

type IANEmptyName struct{}

func (*IANEmptyName) CheckApplies 

func (l *IANEmptyName) CheckApplies(c *x509.Certificate) bool

func (*IANEmptyName) Execute 

func (l *IANEmptyName) Execute(c *x509.Certificate) *lint.LintResult

type IANNoEntry 

type IANNoEntry struct{}

func (*IANNoEntry) CheckApplies 

func (l *IANNoEntry) CheckApplies(c *x509.Certificate) bool

func (*IANNoEntry) Execute 

func (l *IANNoEntry) Execute(c *x509.Certificate) *lint.LintResult

type IANSpace 

type IANSpace struct{}

func (*IANSpace) CheckApplies 

func (l *IANSpace) CheckApplies(c *x509.Certificate) bool

func (*IANSpace) Execute 

func (l *IANSpace) Execute(c *x509.Certificate) *lint.LintResult

type IANURIFQDNOrIP 

type IANURIFQDNOrIP struct{}

func (*IANURIFQDNOrIP) CheckApplies 

func (l *IANURIFQDNOrIP) CheckApplies(c *x509.Certificate) bool

func (*IANURIFQDNOrIP) Execute 

func (l *IANURIFQDNOrIP) Execute(c *x509.Certificate) *lint.LintResult

type IANURIFormat 

type IANURIFormat struct{}

func (*IANURIFormat) CheckApplies 

func (l *IANURIFormat) CheckApplies(c *x509.Certificate) bool

func (*IANURIFormat) Execute 

func (l *IANURIFormat) Execute(c *x509.Certificate) *lint.LintResult

type IANURIIA5String 

type IANURIIA5String struct{}

func (*IANURIIA5String) CheckApplies 

func (l *IANURIIA5String) CheckApplies(c *x509.Certificate) bool

func (*IANURIIA5String) Execute 

func (l *IANURIIA5String) Execute(c *x509.Certificate) *lint.LintResult

type IDNMalformedUnicode 

type IDNMalformedUnicode struct{}

func (*IDNMalformedUnicode) CheckApplies 

func (l *IDNMalformedUnicode) CheckApplies(c *x509.Certificate) bool

func (*IDNMalformedUnicode) Execute 

func (l *IDNMalformedUnicode) Execute(c *x509.Certificate) *lint.LintResult

type IDNNotNFC 

type IDNNotNFC struct{}

func (*IDNNotNFC) CheckApplies 

func (l *IDNNotNFC) CheckApplies(c *x509.Certificate) bool

func (*IDNNotNFC) Execute 

func (l *IDNNotNFC) Execute(c *x509.Certificate) *lint.LintResult

type InhibitAnyPolicyNotCritical 

type InhibitAnyPolicyNotCritical struct{}

func (*InhibitAnyPolicyNotCritical) CheckApplies 

func (l *InhibitAnyPolicyNotCritical) CheckApplies(cert *x509.Certificate) bool

func (*InhibitAnyPolicyNotCritical) Execute 

func (l *InhibitAnyPolicyNotCritical) Execute(cert *x509.Certificate) *lint.LintResult

type IssuerDNCountryNotPrintableString 

type IssuerDNCountryNotPrintableString struct{}

func (*IssuerDNCountryNotPrintableString) CheckApplies 

func (l *IssuerDNCountryNotPrintableString) CheckApplies(c *x509.Certificate) bool

func (*IssuerDNCountryNotPrintableString) Execute 

func (l *IssuerDNCountryNotPrintableString) Execute(c *x509.Certificate) *lint.LintResult

type KUAndEKUInconsistent added in v3.6.0 

type KUAndEKUInconsistent struct{}

func (*KUAndEKUInconsistent) CheckApplies added in v3.6.0 

func (l *KUAndEKUInconsistent) CheckApplies(c *x509.Certificate) bool

CheckApplies returns true when the certificate contains both a key usage extension and an extended key usage extension.

func (*KUAndEKUInconsistent) Execute added in v3.6.0 

func (l *KUAndEKUInconsistent) Execute(c *x509.Certificate) *lint.LintResult

Execute returns an Error level lint.LintResult if the purposes of the certificate being linted is not consistent with both extensions.

func (*KUAndEKUInconsistent) Initialize added in v3.6.0 

func (l *KUAndEKUInconsistent) Initialize() error

type RevokedCertificate added in v3.6.3 

type RevokedCertificate struct {
	UserCertificate    *big.Int
	RevocationDate     time.Time
	CrlEntryExtensions asn1.RawValue `asn1:"optional"`
}

type SANDNSNotIA5String 

type SANDNSNotIA5String struct{}

func (*SANDNSNotIA5String) CheckApplies 

func (l *SANDNSNotIA5String) CheckApplies(c *x509.Certificate) bool

func (*SANDNSNotIA5String) Execute 

func (l *SANDNSNotIA5String) Execute(c *x509.Certificate) *lint.LintResult

type SANDNSTooLong 

type SANDNSTooLong struct{}

func (*SANDNSTooLong) CheckApplies 

func (l *SANDNSTooLong) CheckApplies(c *x509.Certificate) bool

func (*SANDNSTooLong) Execute 

func (l *SANDNSTooLong) Execute(c *x509.Certificate) *lint.LintResult

type SANEmptyName 

type SANEmptyName struct{}

func (*SANEmptyName) CheckApplies 

func (l *SANEmptyName) CheckApplies(c *x509.Certificate) bool

func (*SANEmptyName) Execute 

func (l *SANEmptyName) Execute(c *x509.Certificate) *lint.LintResult

type SANIsSpaceDNS 

type SANIsSpaceDNS struct{}

func (*SANIsSpaceDNS) CheckApplies 

func (l *SANIsSpaceDNS) CheckApplies(c *x509.Certificate) bool

func (*SANIsSpaceDNS) Execute 

func (l *SANIsSpaceDNS) Execute(c *x509.Certificate) *lint.LintResult

type SANNoEntry 

type SANNoEntry struct{}

func (*SANNoEntry) CheckApplies 

func (l *SANNoEntry) CheckApplies(c *x509.Certificate) bool

func (*SANNoEntry) Execute 

func (l *SANNoEntry) Execute(c *x509.Certificate) *lint.LintResult

type SANURIHost 

type SANURIHost struct{}

func (*SANURIHost) CheckApplies 

func (l *SANURIHost) CheckApplies(c *x509.Certificate) bool

func (*SANURIHost) Execute 

func (l *SANURIHost) Execute(c *x509.Certificate) *lint.LintResult

type SerialNumberNotPositive 

type SerialNumberNotPositive struct{}

func (*SerialNumberNotPositive) CheckApplies 

func (l *SerialNumberNotPositive) CheckApplies(cert *x509.Certificate) bool

func (*SerialNumberNotPositive) Execute 

func (l *SerialNumberNotPositive) Execute(cert *x509.Certificate) *lint.LintResult

type SubjectDNCountryNotPrintableString 

type SubjectDNCountryNotPrintableString struct{}

func (*SubjectDNCountryNotPrintableString) CheckApplies 

func (l *SubjectDNCountryNotPrintableString) CheckApplies(c *x509.Certificate) bool

func (*SubjectDNCountryNotPrintableString) Execute 

func (l *SubjectDNCountryNotPrintableString) Execute(c *x509.Certificate) *lint.LintResult

type SubjectDNSerialNumberMaxLength 

type SubjectDNSerialNumberMaxLength struct{}

func (*SubjectDNSerialNumberMaxLength) CheckApplies 

func (l *SubjectDNSerialNumberMaxLength) CheckApplies(c *x509.Certificate) bool

func (*SubjectDNSerialNumberMaxLength) Execute 

func (l *SubjectDNSerialNumberMaxLength) Execute(c *x509.Certificate) *lint.LintResult

type SubjectDNSerialNumberNotPrintableString 

type SubjectDNSerialNumberNotPrintableString struct{}

func (*SubjectDNSerialNumberNotPrintableString) CheckApplies 

func (l *SubjectDNSerialNumberNotPrintableString) CheckApplies(c *x509.Certificate) bool

func (*SubjectDNSerialNumberNotPrintableString) Execute 

func (l *SubjectDNSerialNumberNotPrintableString) Execute(c *x509.Certificate) *lint.LintResult

type SubjectGivenNameRecommendedMaxLength added in v3.2.0 

type SubjectGivenNameRecommendedMaxLength struct{}

func (*SubjectGivenNameRecommendedMaxLength) CheckApplies added in v3.2.0 

func (l *SubjectGivenNameRecommendedMaxLength) CheckApplies(c *x509.Certificate) bool

func (*SubjectGivenNameRecommendedMaxLength) Execute added in v3.2.0 

func (l *SubjectGivenNameRecommendedMaxLength) Execute(c *x509.Certificate) *lint.LintResult

type SubjectSurnameRecommendedMaxLength added in v3.2.0 

type SubjectSurnameRecommendedMaxLength struct{}

func (*SubjectSurnameRecommendedMaxLength) CheckApplies added in v3.2.0 

func (l *SubjectSurnameRecommendedMaxLength) CheckApplies(c *x509.Certificate) bool

func (*SubjectSurnameRecommendedMaxLength) Execute added in v3.2.0 

func (l *SubjectSurnameRecommendedMaxLength) Execute(c *x509.Certificate) *lint.LintResult

type TBSCertList added in v3.6.3 

type TBSCertList struct {
	Version             int `asn1:"optional"`
	Signature           pkix.AlgorithmIdentifier
	Issuer              asn1.RawValue
	ThisUpdate          time.Time
	NextUpdate          time.Time            `asn1:"optional"`
	RevokedCertificates []RevokedCertificate `asn1:"optional"`
	CrlExtensions       asn1.RawValue        `asn1:"tag:0,optional"`
}

type TBSCertificate added in v3.6.3 

type TBSCertificate struct {
	Version         int `asn1:"optional,explicit,default:0,tag:0"`
	SerialNumber    *big.Int
	SignatureAlgo   pkix.AlgorithmIdentifier
	Issuer          asn1.RawValue
	Validity        asn1.RawValue
	Subject         asn1.RawValue
	PublicKey       asn1.RawValue
	IssuerUniqueId  asn1.BitString `asn1:"optional,tag:1"`
	SubjectUniqueId asn1.BitString `asn1:"optional,tag:2"`
	Extensions      []Extension    `asn1:"omitempty,optional,explicit,tag:3"`
}

Simplified with respect to RFC 5280, as we are not interested in most fields here

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.