zmap
Zcrypto does not parse the "critical" of certificatePolicies in JSON output
Env: Ubuntu x64
Go version: 1.13, 1.15
Reproduce: ./zcertificate seed-4s18-107s39-129s28-386s32-409s26-544s38.pem
Expected result: similar to the "critical" in the following
X509v3 Certificate Policies: critical
Policy: 2.23.140.1.2.1
CPS: https://www.a.com/b.ext
CPS: https://www.c.com/d.ext
User Notice:
Organization: Org A
Numbers: 1, 3, 5
Explicit Text: here is the explicit text
Actual result:
"certificate_policies": [
{
"id": "2.23.140.1.2.1",
"cps": [
"https://www.a.com/b.ext",
"https://www.c.com/d.ext"
],
"user_notice": [
{
"explicit_text": "here is the explicit text",
"notice_reference": [
{
"organization": "Org A",
"notice_numbers": [
1,
3,
5
]
}
]
}
]
}
Attachments:
seed-4s18-107s39-129s28-386s32-409s26-544s38.zip
I think the JSON API may just be stuck with this, since the field in CertificatePolicies is just a list of the policies. It could fit in each policy, but it implies that it can differ between items in the list (which isn't true):
"certificate_policies": [
{
"critical": true,
"id": "2.23.140.1.2.1",
},
{
"critical": true,
"id": "2.23.140.1.2.1",
}
]
the other option would be top-level, like:
"certificate_policies_critical": true,
"certificate_policies": [
{
"id": "2.23.140.1.2.1",
},
{
"id": "2.23.140.1.2.1",
}
]
This is better, I think, but still not ideal. I wish the existing JSON had certificate_policies as an object - maybe one day we could cut a v2 JSON API to fix this (and other issues that are probably lurking)?
"certificate_policies":
"critical": true,
"policies": [
{
"id": "2.23.140.1.2.1",
},
{
"id": "2.23.140.1.2.1",
}
]
]
