in certViewer/cmd/web/certificates.go [299:338]
func getCertExtensions(cert *x509.Certificate) Extensions {
// initialize []string to store them as `[]` instead of null
san := make([]string, 0)
san = append(san, cert.DNSNames...)
crld := make([]string, 0)
crld = append(crld, cert.CRLDistributionPoints...)
constraints, _ := GetConstraints(cert)
ipNetSliceToStringSlice := func(in []*net.IPNet) []string {
out := make([]string, 0)
for _, ipnet := range in {
out = append(out, ipnet.String())
}
return out
}
permittedIPAddresses := ipNetSliceToStringSlice(constraints.PermittedIPRanges)
excludedIPAddresses := ipNetSliceToStringSlice(constraints.ExcludedIPRanges)
ext := Extensions{
AuthorityKeyId: base64.StdEncoding.EncodeToString(cert.AuthorityKeyId),
SubjectKeyId: base64.StdEncoding.EncodeToString(cert.SubjectKeyId),
KeyUsage: strings.Join(getKeyUsages(cert), ", "),
ExtendedKeyUsage: strings.Join(getExtKeyUsages(cert), ", "),
ExtendedKeyUsageOID: strings.Join(getExtKeyUsageOIDs(cert), ", "),
PolicyIdentifiers: strings.Join(getPolicyIdentifiers(cert), ", "),
SubjectAlternativeName: san,
CRLDistributionPoints: strings.Join(crld, ", "),
PermittedDNSDomains: strings.Join(constraints.PermittedDNSDomains, ", "),
ExcludedDNSDomains: strings.Join(constraints.ExcludedDNSDomains, ", "),
PermittedIPAddresses: strings.Join(permittedIPAddresses, ", "),
ExcludedIPAddresses: strings.Join(excludedIPAddresses, ", "),
}
for _, v := range cert.Extensions {
if OIDFieldName(v.Id) == "InhibitAnyPolicy" {
value, _ := strconv.Atoi(string(v.Value))
ext.InhibitAnyPolicy = &value
}
}
return ext
}