Skip to content

Commit

Permalink
updated per code review
Browse files Browse the repository at this point in the history 
Signed-off-by: Patrick Zheng <[email protected]>
  • Loading branch information
@Two-Hearts
Two-Hearts committed Jul 22, 2024
1 parent cafc2e1 commit b05572b
Showing 1 changed file with 2 additions and 4 deletions.
6 changes: 2 additions & 4 deletions internal/x509/cert.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,10 @@ import (
)

// IsRootCertificate returns true if cert is a root certificate.
// A root certificate MUST be a self-signed and self-issued CA certificate with
// valid BasicConstraints.
// A root certificate MUST be a self-signed and self-issued certificate.
func IsRootCertificate(cert *x509.Certificate) (bool, error) {
// CheckSignatureFrom also checks cert.BasicConstraintsValid
if err := cert.CheckSignatureFrom(cert); err != nil {
return false, err
}
return cert.IsCA && bytes.Equal(cert.RawSubject, cert.RawIssuer), nil
return bytes.Equal(cert.RawSubject, cert.RawIssuer), nil
}

0 comments on commit b05572b

Please sign in to comment.