Deps: Update ZCrypto, fix assoc. test breakage. (#435)

* deps: update zcrypto to tip of master. This pulls in ZCrypto at zmap/zcrypto@16679db * lints: remove invalid TestEtsiTypeAsQcStmt test case. The `testdata/QcStmtEtsiTaggedValueCert20.pem` test certificate has an invalid QCStatements extension value[0] and ZCrypto with support for parsing QC Statements panics reading the test cert. Since ZLint can't lint certificates that ZCrypto won't parse we must remove this test case. [0]: #433 (comment) * lints: rm invalid `TestEtsiQcCompliance`, `TestEtsiQcType` certs. Similar to the prev. commit now that ZCrypto understands QCStatement extensions it will error parsing these test cases and so they must be removed. This test coverage should be handled by ZCrypto. * integration: updates for QCStatement lint expected results. With an updated ZCrypto there is now 1 certificate[0] from the integration test data that no longer parses. This in turn means that the `e_qcstatem_qctype_valid`, `n_subject_common_name_included`, `w_qcstatem_qcpds_lang_case` and `w_qcstatem_qctype_web` lints that previously had findings for this certificate need to have their expected result counts adjusted. [0]: https://censys.io/certificates/4712f1b2a94994b55626ecba2104bbf23d39c05e7a2751e5af8a923bac23fd8f
zmap · May 14, 2020 · 9957909 · 9957909
1 parent a42b778
commit 9957909
Show file tree

Hide file tree

Showing 10 changed files with 9 additions and 413 deletions.
diff --git a/v2/go.mod b/v2/go.mod
@@ -3,7 +3,7 @@ module github.com/zmap/zlint/v2
 require (
 	github.com/sirupsen/logrus v1.3.0
 	github.com/weppos/publicsuffix-go v0.4.0
-	github.com/zmap/zcrypto v0.0.0-20191112190257-7f2fe6faf8cf
+	github.com/zmap/zcrypto v0.0.0-20200513165325-16679db567ff
 	golang.org/x/crypto v0.0.0-20200124225646-8b5121be2f68
 	golang.org/x/net v0.0.0-20190620200207-3b0461eec859
 	golang.org/x/text v0.3.0

diff --git a/v2/go.sum b/v2/go.sum
@@ -19,12 +19,15 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/weppos/publicsuffix-go v0.4.0 h1:YSnfg3V65LcCFKtIGKGoBhkyKolEd0hlipcXaOjdnQw=
 github.com/weppos/publicsuffix-go v0.4.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k=
 github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE=
 github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54tB79AMBcySS0R2XIyZBAVmeHranShAFELYx7is=
 github.com/zmap/zcrypto v0.0.0-20191112190257-7f2fe6faf8cf h1:Q9MiSA+G9DHe/TzG8pnycDn3HwpQuTygphu9M/7KYqU=
 github.com/zmap/zcrypto v0.0.0-20191112190257-7f2fe6faf8cf/go.mod h1:w7kd3qXHh8FNaczNjslXqvFQiv5mMWRXlL9klTUAHc8=
+github.com/zmap/zcrypto v0.0.0-20200513165325-16679db567ff h1:0DDYlvtXPb8EMtQPZ2TJDcM+adqtzy77QOndkCW79JQ=
+github.com/zmap/zcrypto v0.0.0-20200513165325-16679db567ff/go.mod h1:TxpejqcVKQjQaVVmMGfzx5HnmFMdIU+vLtaCyPBfGI4=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 h1:u+LnwYTOOW7Ukr/fppxEb1Nwz0AtPflrblfvUudpo+I=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -43,5 +46,7 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
diff --git a/v2/integration/config.json b/v2/integration/config.json
@@ -458,9 +458,7 @@
     "e_qcstatem_qcpds_valid": {},
     "e_qcstatem_qcretentionperiod_valid": {},
     "e_qcstatem_qcsscd_valid": {},
-    "e_qcstatem_qctype_valid": {
-      "ErrCount": 1
-    },
+    "e_qcstatem_qctype_valid": {},
     "e_root_ca_extended_key_usage_present": {},
     "e_root_ca_key_usage_must_be_critical": {
       "ErrCount": 14
@@ -642,7 +640,7 @@
       "NoticeCount": 10
     },
     "n_subject_common_name_included": {
-      "NoticeCount": 45
+      "NoticeCount": 44
     },
     "w_ct_sct_policy_count_unsatisfied": {
       "NoticeCount": 72
@@ -698,10 +696,9 @@
     "w_name_constraint_on_registered_id": {},
     "w_name_constraint_on_x400": {},
     "w_qcstatem_qcpds_lang_case": {
-      "WarnCount": 49
+      "WarnCount": 48
     },
     "w_qcstatem_qctype_web": {
-      "ErrCount": 1,
       "WarnCount": 25
     },
     "w_root_ca_basic_constraints_path_len_constraint_field_present": {},

diff --git a/v2/lints/etsi/lint_qcstatem_etsi_type_as_statem_test.go b/v2/lints/etsi/lint_qcstatem_etsi_type_as_statem_test.go
@@ -24,7 +24,6 @@ import (
 func TestEtsiTypeAsQcStmt(t *testing.T) {
 	m := map[string]lint.LintStatus{
 		"QcStmtEtsiQcTypeAsQcStmtCert10.pem": lint.Error,
-		"QcStmtEtsiTaggedValueCert20.pem":    lint.Error,
 		"QcStmtEtsiValidCert03.pem":          lint.Pass,
 		"QcStmtEtsiEsealValidCert02.pem":     lint.Pass,
 		"QcStmtEtsiTwoQcTypesCert15.pem":     lint.Pass,

diff --git a/v2/lints/etsi/lint_qcstatem_qccompliance_valid_test.go b/v2/lints/etsi/lint_qcstatem_qccompliance_valid_test.go
@@ -24,7 +24,6 @@ import (
 func TestEtsiQcCompliance(t *testing.T) {
 	m := map[string]lint.LintStatus{
 		"QcStmtEtsiQcComplWithNonEmptyStmtInfoCert19.pem": lint.Error,
-		"QcStmtEtsiWrongEncodingCert01.pem":               lint.Error,
 		"QcStmtEtsiValidCert03.pem":                       lint.Pass,
 		"QcStmtEtsiEsealValidCert02.pem":                  lint.Pass,
 		"QcStmtEtsiTwoQcTypesCert15.pem":                  lint.Pass,

diff --git a/v2/lints/etsi/lint_qcstatem_qctype_valid_test.go b/v2/lints/etsi/lint_qcstatem_qctype_valid_test.go
@@ -23,8 +23,6 @@ import (
 
 func TestEtsiQcType(t *testing.T) {
 	m := map[string]lint.LintStatus{
-		"QcStmtEtsiMissingSeqForQcTypesCert18.pem": lint.Error,
-		"QcStmtEtsiMissingOidCert09.pem":           lint.Error,
 		"QcStmtEtsiValidCert03.pem":                lint.Pass,
 		"QcStmtEtsiValidCert11.pem":                lint.Pass,
 		"QcStmtEtsiValidAddLangCert13.pem":         lint.Pass,

diff --git a/v2/testdata/QcStmtEtsiMissingOidCert09.pem b/v2/testdata/QcStmtEtsiMissingOidCert09.pem
diff --git a/v2/testdata/QcStmtEtsiMissingSeqForQcTypesCert18.pem b/v2/testdata/QcStmtEtsiMissingSeqForQcTypesCert18.pem