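// Source: github.com/Cloud-Foundations/Dominator@v0.3.4/lib/x509util/getPermittedMethods.go

package x509util

import (
	"crypto/x509"
	"encoding/asn1"
	"fmt"
	"strings"

	"github.com/Cloud-Foundations/Dominator/lib/constants"
)

// getList returns the set of strings carried in the certificate extension
// whose dotted-decimal object identifier equals oid.
//
// The extension value must be a DER-encoded ASN.1 SEQUENCE of strings with no
// trailing bytes; anything else yields an error. Only the first extension
// with a matching identifier is examined. If the certificate has no such
// extension, an empty, non-nil set is returned with a nil error, so callers
// cannot tell "extension absent" from "extension present but empty".
//
// This function performs no signature or chain verification: the returned
// strings are only as trustworthy as the certificate they were read from.
func getList(cert *x509.Certificate, oid string) (map[string]struct{}, error) {
	for _, extension := range cert.Extensions {
		if extension.Id.String() != oid {
			continue
		}
		var lines []string
		rest, err := asn1.Unmarshal(extension.Value, &lines)
		if err != nil {
			// Wrap with %w so callers can still inspect the asn1 error type.
			return nil, fmt.Errorf("decoding extension %s: %w", oid, err)
		}
		// Reject trailing data instead of ignoring it: bytes after the
		// sequence are not covered by the decoded list.
		if len(rest) > 0 {
			return nil, fmt.Errorf("%d extra bytes in extension", len(rest))
		}
		list := make(map[string]struct{}, len(lines))
		for _, line := range lines {
			list[line] = struct{}{}
		}
		return list, nil
	}
	return make(map[string]struct{}), nil
}

// getPermittedMethods returns the set of method names listed in the
// certificate extension identified by constants.PermittedMethodListOID.
//
// Every entry must contain exactly one "." character; the first entry found
// that does not causes an error and no set is returned. Map iteration order
// is unspecified, so when several entries are malformed the one named in the
// error may differ between calls.
//
// NOTE(review): the check counts dots only, so entries with an empty half
// (".", ".Method", "Service.") pass validation. Whether those can match
// anything depends on how callers compare entries - confirm against the
// consumer of this set.
func getPermittedMethods(cert *x509.Certificate) (map[string]struct{}, error) {
	methodList, err := getList(cert, constants.PermittedMethodListOID)
	if err != nil {
		return nil, fmt.Errorf("error getting method list: %w", err)
	}
	for method := range methodList {
		if strings.Count(method, ".") != 1 {
			// The entry is certificate-supplied text. %q escapes quotes,
			// newlines and control characters so a crafted entry cannot
			// forge extra lines when this error is logged.
			return nil, fmt.Errorf("bad line: %q", method)
		}
	}
	return methodList, nil
}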