github.com/zmap/zlint@v1.1.0/lints/lint_ext_policy_map_not_critical.go (about) 1 package lints 2 3 /* 4 * ZLint Copyright 2018 Regents of the University of Michigan 5 * 6 * Licensed under the Apache License, Version 2.0 (the "License"); you may not 7 * use this file except in compliance with the License. You may obtain a copy 8 * of the License at http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 13 * implied. See the License for the specific language governing 14 * permissions and limitations under the License. 15 */ 16 17 /********************************************************** 18 RFC 5280: 4.2.1.5. Policy Mappings 19 This extension MAY be supported by CAs and/or applications. 20 Conforming CAs SHOULD mark this extension as critical. 21 **********************************************************/ 22 23 import ( 24 "github.com/zmap/zcrypto/x509" 25 "github.com/zmap/zlint/util" 26 ) 27 28 type policyMapCritical struct{} 29 30 func (l *policyMapCritical) Initialize() error { 31 return nil 32 } 33 34 func (l *policyMapCritical) CheckApplies(c *x509.Certificate) bool { 35 return util.IsExtInCert(c, util.PolicyMapOID) 36 } 37 38 func (l *policyMapCritical) Execute(c *x509.Certificate) *LintResult { 39 polMap := util.GetExtFromCert(c, util.PolicyMapOID) 40 if polMap.Critical { 41 return &LintResult{Status: Pass} 42 } else { 43 return &LintResult{Status: Warn} 44 } 45 } 46 47 func init() { 48 RegisterLint(&Lint{ 49 Name: "w_ext_policy_map_not_critical", 50 Description: "Policy mappings should be marked as critical", 51 Citation: "RFC 5280: 4.2.1.5", 52 Source: RFC5280, 53 EffectiveDate: util.RFC2459Date, 54 Lint: &policyMapCritical{}, 55 }) 56 }