fix: update

Signed-off-by: Junjie Gao <[email protected]>
notaryproject · Aug 19, 2024 · c3a484e · c3a484e
1 parent 815cc5f
commit c3a484e
Showing 1 changed file with 6 additions and 7 deletions.
diff --git a/revocation/internal/crl/crl.go b/revocation/internal/crl/crl.go
@@ -160,17 +160,16 @@ func validate(crl *x509.RevocationList, issuer *x509.Certificate) error {
 		return fmt.Errorf("CRL is expired: %v", crl.NextUpdate)
 	}
 
-	// unsupported critical extensions is not allowed. (See RFC 5280, Section 5.2)
 	for _, ext := range crl.Extensions {
-		switch {
-		case ext.Id.Equal(oidIssuingDistributionPoint):
+		if ext.Id.Equal(oidIssuingDistributionPoint) {
 			// IssuingDistributionPoint is a critical extension that identifies
 			// the scope of the CRL. Since we will check all the CRL
 			// distribution points, it is not necessary to check this extension.
-		default:
-			if ext.Critical {
-				return fmt.Errorf("CRL contains unsupported critical extension: %v", ext.Id)
-			}
+			continue
+		}
+		if ext.Critical {
+			// unsupported critical extensions is not allowed. (See RFC 5280, Section 5.2)
+			return fmt.Errorf("CRL contains unsupported critical extension: %v", ext.Id)
 		}
 	}