Documentation
¶
Index ¶
Constants ¶
View Source
const ( // KintoRequestURL specifies a pre-populated URL where to send request KintoRequestURL = "https://settings.prod.mozaws.net/v1/buckets/security-state-staging/collections/onecrl/records" // OneCRLDistPoint specifies a pre-populated URL where to send request OneCRLDistPoint = "https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/certificates/records" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Entry ¶
type Entry struct {
ID string
Schema time.Time
Details EntryDetails
Enabled bool
Issuer *pkix.Name
SerialNumber *big.Int
SubjectAndPublicKey *SubjectAndPublicKey
LastModified time.Time
}
Entry - entry for a single certificate
func (*Entry) UnmarshalJSON ¶
UnmarshalJSON implements the json.Unmarshaler interface
type EntryDetails ¶
type EntryDetails struct {
Bug string `json:"bug,omitempty"`
Who string `json:"who,omitempty"`
Why string `json:"why,omitempty"`
Name string `json:"name,omitempty"`
Created *time.Time `json:"created,omitempty"`
}
EntryDetails - revocation details for a single entry
type IssuerList ¶
IssuerList - list of Entry for a given issuer
type OneCRL ¶
type OneCRL struct {
IssuerLists map[string]*IssuerList
// Blocked provides a list of revoked entries by Subject and PubKeyHash
Blocked []*SubjectAndPublicKey
}
OneCRL - data structure for storing OneCRL data, used by methods below
func FetchAndParse ¶
FetchAndParse - fetch from distribution point, parse to OneCRL struct as defined above
func (*OneCRL) Check ¶
func (c *OneCRL) Check(cert *x509.Certificate) *Entry
Check - Given a parsed OneCRL, check if a given cert is present
func (*OneCRL) FindIssuer ¶
func (c *OneCRL) FindIssuer(issuer *pkix.Name) *IssuerList
FindIssuer - given an issuer pkix.name, find its corresponding IssuerList
type Provider ¶
Provider specifies OneCRL provider interface
func NewProvider ¶
NewProvider returns default Provider
Source Files
Click to show internal directories.
Click to hide internal directories.