ocsp

package
v0.0.0-...-d16ac53 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 13, 2016 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package ocsp parses OCSP responses as specified in RFC 2560. OCSP responses are signed messages attesting to the validity of a certificate for a small period of time. This is used to manage revocation for X.509 certificates.

Index

Constants

View Source
const (
	// Good means that the certificate is valid.
	Good = iota
	// Revoked means that the certificate has been deliberately revoked.
	Revoked = iota
	// Unknown means that the OCSP responder doesn't know about the certificate.
	Unknown = iota
	// ServerFailed means that the OCSP responder failed to process the request.
	ServerFailed = iota
)

Variables

This section is empty.

Functions

This section is empty.

Types

type ParseError

type ParseError string

ParseError results from an invalid OCSP response.

func (ParseError) Error

func (p ParseError) Error() string

type Response

type Response struct {
	// Status is one of {Good, Revoked, Unknown, ServerFailed}
	Status                                        int
	SerialNumber                                  []byte
	ProducedAt, ThisUpdate, NextUpdate, RevokedAt time.Time
	RevocationReason                              int
	Certificate                                   *x509.Certificate
}

Response represents an OCSP response. See RFC 2560.

func ParseResponse

func ParseResponse(bytes []byte) (*Response, error)

ParseResponse parses an OCSP response in DER form. It only supports responses for a single certificate and only those using RSA signatures. Non-RSA responses will result in an x509.UnsupportedAlgorithmError. Signature errors or parse failures will result in a ParseError.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL