Skip to content

Commit

Permalink
x509-cert: ignore commonName warning (#1327)
Browse files Browse the repository at this point in the history 
With the upgrade of zlint to 3.6.0 came new lints.
One of them is enforcement of one of the measure from SC-62 removing
commonName from the Subject.
  • Loading branch information
@baloo
baloo authored Jan 19, 2024
1 parent 69384ad commit b8b4e93
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions x509-cert/tests/builder.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -165,6 +165,9 @@ fn leaf_certificate() {
"e_subject_common_name_not_exactly_from_san",
// Extended key usage needs to be added by end-user and is use-case dependent
"e_sub_cert_eku_missing",
// TODO(baloo): drop this in https://github.com/RustCrypto/formats/pull/1306
// CABF SC-62 marked commoName (CN) as not recommended
"w_subject_common_name_included",
];

zlint::check_certificate(pem.as_bytes(), &ignored);
Expand Down Expand Up @@ -242,6 +245,9 @@ fn pss_certificate() {
"e_sub_cert_eku_missing",
// zlint warns on RSAPSS signature algorithms
"e_signature_algorithm_not_supported",
// TODO(baloo): drop this in https://github.com/RustCrypto/formats/pull/1306
// CABF SC-62 marked commoName (CN) as not recommended
"w_subject_common_name_included",
];

zlint::check_certificate(pem.as_bytes(), ignored);
Expand Down

0 comments on commit b8b4e93

Please sign in to comment.