Tandem
/
certspotter
mirror of https://github.com/SSLMate/certspotter.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add some comments

This commit is contained in:
Andrew Ayer 2016-07-19 10:31:23 -07:00
parent 19e05b901a
commit ebdf2af720
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
x509.go
View File

@ -177,7 +177,7 @@ func ParseTBSCertificate (tbsBytes []byte) (*TBSCertificate, error) {
if rest, err := asn1.Unmarshal(tbsBytes, &tbs); err != nil { if rest, err := asn1.Unmarshal(tbsBytes, &tbs); err != nil {
return nil, errors.New("failed to parse TBS: " + err.Error()) return nil, errors.New("failed to parse TBS: " + err.Error())
} else if len(rest) > 0 { } else if len(rest) > 0 {
return nil, fmt.Errorf("trailing data after TBS: %v", rest) return nil, fmt.Errorf("trailing data after TBS: %v", rest) // XXX: too strict?
} }
return &tbs, nil return &tbs, nil
} }
@ -267,7 +267,7 @@ func (tbs *TBSCertificate) ParseSubject () (RDNSequence, error) {
if rest, err := asn1.Unmarshal(tbs.GetRawSubject(), &subject); err != nil { if rest, err := asn1.Unmarshal(tbs.GetRawSubject(), &subject); err != nil {
return nil, errors.New("failed to parse certificate subject: " + err.Error()) return nil, errors.New("failed to parse certificate subject: " + err.Error())
} else if len(rest) != 0 { } else if len(rest) != 0 {
return nil, fmt.Errorf("trailing data in certificate subject: %v", rest) return nil, fmt.Errorf("trailing data in certificate subject: %v", rest) // XXX: too strict?
} }
return subject, nil return subject, nil
} }
@ -277,7 +277,7 @@ func (tbs *TBSCertificate) ParseIssuer () (RDNSequence, error) {
if rest, err := asn1.Unmarshal(tbs.GetRawIssuer(), &issuer); err != nil { if rest, err := asn1.Unmarshal(tbs.GetRawIssuer(), &issuer); err != nil {
return nil, errors.New("failed to parse certificate issuer: " + err.Error()) return nil, errors.New("failed to parse certificate issuer: " + err.Error())
} else if len(rest) != 0 { } else if len(rest) != 0 {
return nil, fmt.Errorf("trailing data in certificate issuer: %v", rest) return nil, fmt.Errorf("trailing data in certificate issuer: %v", rest) // XXX: too strict?
} }
return issuer, nil return issuer, nil
} }
@ -325,7 +325,7 @@ func ParseCertificate (certBytes []byte) (*Certificate, error) {
if rest, err := asn1.Unmarshal(certBytes, &cert); err != nil { if rest, err := asn1.Unmarshal(certBytes, &cert); err != nil {
return nil, errors.New("failed to parse certificate: " + err.Error()) return nil, errors.New("failed to parse certificate: " + err.Error())
} else if len(rest) > 0 { } else if len(rest) > 0 {
return nil, fmt.Errorf("trailing data after certificate: %v", rest) return nil, fmt.Errorf("trailing data after certificate: %v", rest) // XXX: too strict?
} }
return &cert, nil return &cert, nil
} }
@ -346,11 +346,11 @@ func parseSANExtension (sans []SubjectAltName, value []byte) ([]SubjectAltName,
// Don't complain if the SAN is followed by exactly one zero byte, // Don't complain if the SAN is followed by exactly one zero byte,
// which is a common error. // which is a common error.
if !(len(rest) == 1 && rest[0] == 0) { if !(len(rest) == 1 && rest[0] == 0) {
return nil, fmt.Errorf("trailing data in subjectAltName extension: %v", rest) return nil, fmt.Errorf("trailing data in subjectAltName extension: %v", rest) // XXX: too strict?
} }
} }
if !seq.IsCompound || seq.Tag != 16 || seq.Class != 0 { if !seq.IsCompound || seq.Tag != 16 || seq.Class != 0 {
return nil, errors.New("failed to parse subjectAltName extension: bad SAN sequence") return nil, errors.New("failed to parse subjectAltName extension: bad SAN sequence") // XXX: too strict?
} }
rest := seq.Bytes rest := seq.Bytes