What about several conditionals that set various elements of a struct to 1, and the cert is valid iff all elements are 1. At least that way a skipped check (i.e. goto fail;) wouldn't result in a false positive...
So basically abstract the details of each sub-condition from the final check that all sub-conditions are met?
That does sound like a good idea as long as the meaning of `1` and `0` do not get confused, and as long as we're not talking about some niche context where extra overhead for the sake of code maintainability would be a problem.
