@@ -30,21 +30,21 @@ import (
3030 "golang.org/x/crypto/cryptobyte"
3131)
3232
33- // RFC 5280, 5.3.1
34- //
35- // CRLReason ::= ENUMERATED {
36- // unspecified (0),
37- // keyCompromise (1),
38- // cACompromise (2),
39- // affiliationChanged (3),
40- // superseded (4),
41- // cessationOfOperation (5),
42- // certificateHold (6),
43- // -- value 7 is not used
44- // removeFromCRL (8),
45- // privilegeWithdrawn (9),
46- // aACompromise (10) }
4733const (
34+ // RFC 5280, 5.3.1
35+ //
36+ // CRLReason ::= ENUMERATED {
37+ // unspecified (0),
38+ // keyCompromise (1),
39+ // cACompromise (2),
40+ // affiliationChanged (3),
41+ // superseded (4),
42+ // cessationOfOperation (5),
43+ // certificateHold (6),
44+ // -- value 7 is not used
45+ // removeFromCRL (8),
46+ // privilegeWithdrawn (9),
47+ // aACompromise (10) }
4848 // certificateHold
4949 reasonCodeCertificateHold = 6
5050
@@ -118,7 +118,7 @@ func CertCheckStatus(ctx context.Context, cert, issuer *x509.Certificate, opts C
118118 serverResults = make ([]* result.ServerResult , 0 , len (cert .CRLDistributionPoints ))
119119 lastErr error
120120 crlURL string
121- hasFreshestCRLInCertificate = x509util .FindExtensionByOID (oidFreshestCRL , cert .Extensions ) != nil
121+ hasFreshestCRLInCertificate = x509util .FindExtensionByOID (cert .Extensions , oidFreshestCRL ) != nil
122122 )
123123
124124 // The CRLDistributionPoints contains the URIs of all the CRL distribution
@@ -221,7 +221,7 @@ func validate(bundle *crl.Bundle, issuer *x509.Certificate) error {
221221 }
222222
223223 // check delta CRL indicator extension
224- extension := x509util .FindExtensionByOID (oidDeltaCRLIndicator , deltaCRL .Extensions )
224+ extension := x509util .FindExtensionByOID (deltaCRL .Extensions , oidDeltaCRLIndicator )
225225 if extension == nil {
226226 return errors .New ("delta CRL indicator extension is not found" )
227227 }
0 commit comments