Documentation
Overview
Package pkix contains shared, low-level structures used for ASN.1 parsing and serialization of X.509 certificates, CRL and OCSP.
Constants
This section is empty.
Variables
var (
    OIDAttribute           = asn1.ObjectIdentifier{2, 5, 4}
    OIDCountry             = asn1.ObjectIdentifier{2, 5, 4, 6}
    OIDOrganization        = asn1.ObjectIdentifier{2, 5, 4, 10}
    OIDOrganizationalUnit  = asn1.ObjectIdentifier{2, 5, 4, 11}
    OIDCommonName          = asn1.ObjectIdentifier{2, 5, 4, 3}
    OIDSerialNumber        = asn1.ObjectIdentifier{2, 5, 4, 5}
    OIDLocality            = asn1.ObjectIdentifier{2, 5, 4, 7}
    OIDProvince            = asn1.ObjectIdentifier{2, 5, 4, 8}
    OIDStreetAddress       = asn1.ObjectIdentifier{2, 5, 4, 9}
    OIDPostalCode          = asn1.ObjectIdentifier{2, 5, 4, 17}
    OIDPseudonym           = asn1.ObjectIdentifier{2, 5, 4, 65}
    OIDTitle               = asn1.ObjectIdentifier{2, 5, 4, 12}
    OIDDnQualifier         = asn1.ObjectIdentifier{2, 5, 4, 46}
    OIDName                = asn1.ObjectIdentifier{2, 5, 4, 41}
    OIDSurname             = asn1.ObjectIdentifier{2, 5, 4, 4}
    OIDGivenName           = asn1.ObjectIdentifier{2, 5, 4, 42}
    OIDInitials            = asn1.ObjectIdentifier{2, 5, 4, 43}
    OIDGenerationQualifier = asn1.ObjectIdentifier{2, 5, 4, 44}
)
Functions
This section is empty.
Types
type AlgorithmIdentifier
type AlgorithmIdentifier struct {
    Algorithm  asn1.ObjectIdentifier
    Parameters asn1.RawValue `asn1:"optional"`
}
AlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC 5280, section 4.1.1.2.
type AttributeTypeAndValue
type AttributeTypeAndValue struct {
    Type  asn1.ObjectIdentifier
    Value interface{}
}
AttributeTypeAndValue mirrors the ASN.1 structure of the same name in RFC 5280, Section 4.1.2.4.
type AttributeTypeAndValueSET
type AttributeTypeAndValueSET struct {
    Type  asn1.ObjectIdentifier
    Value [][]AttributeTypeAndValue `asn1:"set"`
}
AttributeTypeAndValueSET represents a set of ASN.1 sequences of AttributeTypeAndValue sequences from RFC 2986 (PKCS #10).
type CertificateList
type CertificateList struct {
    TBSCertList        TBSCertificateList
    SignatureAlgorithm AlgorithmIdentifier
    SignatureValue     asn1.BitString
}
CertificateList represents the ASN.1 structure of the same name. See RFC 5280, section 5.1. Use Certificate.CheckCRLSignature to verify the signature.
func (*CertificateList) HasExpired
func (certList *CertificateList) HasExpired(now time.Time) bool
HasExpired reports whether certList should have been updated by now.
type Extension
type Extension struct {
    Id       asn1.ObjectIdentifier
    Critical bool `asn1:"optional"`
    Value    []byte
}
Extension represents the ASN.1 structure of the same name. See RFC 5280, section 4.2.
type Name
type Name struct {
    Country, Organization, OrganizationalUnit []string
    Locality, Province                        []string
    StreetAddress, PostalCode                 []string
    SerialNumber, CommonName                  string
    Names                                     []AttributeTypeAndValue
    ExtraNames                                []AttributeTypeAndValue
}
Name represents an X.509 distinguished name. This only includes the common elements of a DN. When parsing, all elements are stored in Names and non-standard elements can be extracted from there. When marshaling, elements in ExtraNames are appended and override other values with the same OID.
func (*Name) FillFromRDNSequence
func (n *Name) FillFromRDNSequence(rdns *RDNSequence)
func (Name) String
String returns the string form of n, roughly following the RFC 2253 Distinguished Names syntax.
func (Name) ToRDNSequence
func (n Name) ToRDNSequence() (ret RDNSequence)
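The ExtraNames override and the Names catch-all described for Name, as an added example that is not part of this package's documentation. It assumes these types behave like the standard library's crypto/x509/pkix, which it imports because the page does not show this package's import path; the OID 1.3.6.1.4.1.99999.1 and all name values are constructed.

```go
package main

import (
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
)

// Constructed sample: ExtraNames overrides CommonName and adds a made-up private OID.
var (
	oidCustom = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}
	sample    = pkix.Name{
		Organization: []string{"Example Org"},
		CommonName:   "reviewed.example",
		ExtraNames: []pkix.AttributeTypeAndValue{
			{Type: asn1.ObjectIdentifier{2, 5, 4, 3}, Value: "issued.example"}, // commonName
			{Type: oidCustom, Value: "tenant-42"},
		},
	}
)

// roundTrip marshals n to DER and parses it back, as a relying party sees it.
func roundTrip(n pkix.Name) (parsed pkix.Name, err error) {
	der, err := asn1.Marshal(n.ToRDNSequence())
	if err != nil {
		return parsed, err
	}
	var rdns pkix.RDNSequence
	if _, err = asn1.Unmarshal(der, &rdns); err != nil {
		return parsed, err
	}
	parsed.FillFromRDNSequence(&rdns)
	return parsed, nil
}

// lookup returns the first string value stored under oid in n.Names.
func lookup(n pkix.Name, oid asn1.ObjectIdentifier) string {
	for _, atv := range n.Names {
		if s, ok := atv.Value.(string); ok && atv.Type.Equal(oid) {
			return s
		}
	}
	return ""
}

func main() {
	parsed, err := roundTrip(sample)
	fmt.Println(parsed.CommonName, lookup(parsed, oidCustom), err)
}
```

The CommonName field set on the struct never reaches the encoded DN when ExtraNames carries the same OID, so a review step that approves a name should inspect the parsed result or reject ExtraNames entries that shadow standard attributes.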
type RDNSequence
type RDNSequence []RelativeDistinguishedNameSET
func (RDNSequence) String
func (r RDNSequence) String() string
String returns a string representation of the sequence r, roughly following the RFC 2253 Distinguished Names syntax.
type RelativeDistinguishedNameSET
type RelativeDistinguishedNameSET []AttributeTypeAndValue
type RevokedCertificate
type RevokedCertificate struct {
    SerialNumber   *big.Int
    RevocationTime time.Time
    Extensions     []Extension `asn1:"optional"`
}
RevokedCertificate represents the unnamed ASN.1 structure that makes up the revokedCertificates member of the TBSCertList structure. See RFC 5280, section 5.1.
type TBSCertificateList
type TBSCertificateList struct {
    Raw                 asn1.RawContent
    Version             int `asn1:"optional,default:0"`
    Signature           AlgorithmIdentifier
    Issuer              RDNSequence
    ThisUpdate          time.Time
    NextUpdate          time.Time            `asn1:"optional"`
    RevokedCertificates []RevokedCertificate `asn1:"optional"`
    Extensions          []Extension          `asn1:"tag:0,optional,explicit"`
}
TBSCertificateList represents the ASN.1 structure TBSCertList. See RFC 5280, section 5.1.