pkix

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 17, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package pkix contains shared, low level structures used for ASN.1 parsing and serialization of X.509 certificates, CRL and OCSP.

Index

Constants

This section is empty.

Variables

View Source
var (
	OIDAttribute          = asn1.ObjectIdentifier{2, 5, 4}
	OIDCountry            = asn1.ObjectIdentifier{2, 5, 4, 6}
	OIDOrganization       = asn1.ObjectIdentifier{2, 5, 4, 10}
	OIDOrganizationalUnit = asn1.ObjectIdentifier{2, 5, 4, 11}
	OIDCommonName         = asn1.ObjectIdentifier{2, 5, 4, 3}
	OIDSerialNumber       = asn1.ObjectIdentifier{2, 5, 4, 5}
	OIDLocality           = asn1.ObjectIdentifier{2, 5, 4, 7}
	OIDProvince           = asn1.ObjectIdentifier{2, 5, 4, 8}
	OIDStreetAddress      = asn1.ObjectIdentifier{2, 5, 4, 9}
	OIDPostalCode         = asn1.ObjectIdentifier{2, 5, 4, 17}

	OIDPseudonym           = asn1.ObjectIdentifier{2, 5, 4, 65}
	OIDTitle               = asn1.ObjectIdentifier{2, 5, 4, 12}
	OIDDnQualifier         = asn1.ObjectIdentifier{2, 5, 4, 46}
	OIDName                = asn1.ObjectIdentifier{2, 5, 4, 41}
	OIDSurname             = asn1.ObjectIdentifier{2, 5, 4, 4}
	OIDGivenName           = asn1.ObjectIdentifier{2, 5, 4, 42}
	OIDInitials            = asn1.ObjectIdentifier{2, 5, 4, 43}
	OIDGenerationQualifier = asn1.ObjectIdentifier{2, 5, 4, 44}
)

Functions

This section is empty.

Types

type AlgorithmIdentifier

type AlgorithmIdentifier struct {
	Algorithm  asn1.ObjectIdentifier
	Parameters asn1.RawValue `asn1:"optional"`
}

AlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC 5280, section 4.1.1.2.

type AttributeTypeAndValue

type AttributeTypeAndValue struct {
	Type  asn1.ObjectIdentifier
	Value interface{}
}

AttributeTypeAndValue mirrors the ASN.1 structure of the same name in RFC 5280, Section 4.1.2.4.

type AttributeTypeAndValueSET

type AttributeTypeAndValueSET struct {
	Type  asn1.ObjectIdentifier
	Value [][]AttributeTypeAndValue `asn1:"set"`
}

AttributeTypeAndValueSET represents a set of ASN.1 sequences of AttributeTypeAndValue sequences from RFC 2986 (PKCS #10).

type CertificateList

type CertificateList struct {
	TBSCertList        TBSCertificateList
	SignatureAlgorithm AlgorithmIdentifier
	SignatureValue     asn1.BitString
}

CertificateList represents the ASN.1 structure of the same name. See RFC 5280, section 5.1. Use Certificate.CheckCRLSignature to verify the signature.

func (*CertificateList) HasExpired

func (certList *CertificateList) HasExpired(now time.Time) bool

HasExpired reports whether certList should have been updated by now.

type Extension

type Extension struct {
	Id       asn1.ObjectIdentifier
	Critical bool `asn1:"optional"`
	Value    []byte
}

Extension represents the ASN.1 structure of the same name. See RFC 5280, section 4.2.

type Name

type Name struct {
	Country, Organization, OrganizationalUnit []string
	Locality, Province                        []string
	StreetAddress, PostalCode                 []string
	SerialNumber, CommonName                  string

	Names      []AttributeTypeAndValue
	ExtraNames []AttributeTypeAndValue
}

Name represents an X.509 distinguished name. This only includes the common elements of a DN. When parsing, all elements are stored in Names and non-standard elements can be extracted from there. When marshaling, elements in ExtraNames are appended and override other values with the same OID.

func (*Name) FillFromRDNSequence

func (n *Name) FillFromRDNSequence(rdns *RDNSequence)

func (Name) String

func (n Name) String() string

String returns the string form of n, roughly following the RFC 2253 Distinguished Names syntax.

func (Name) ToRDNSequence

func (n Name) ToRDNSequence() (ret RDNSequence)

type RDNSequence

type RDNSequence []RelativeDistinguishedNameSET

func (RDNSequence) String

func (r RDNSequence) String() string

String returns a string representation of the sequence r, roughly following the RFC 2253 Distinguished Names syntax.

type RelativeDistinguishedNameSET

type RelativeDistinguishedNameSET []AttributeTypeAndValue

type RevokedCertificate

type RevokedCertificate struct {
	SerialNumber   *big.Int
	RevocationTime time.Time
	Extensions     []Extension `asn1:"optional"`
}

RevokedCertificate represents the unnamed ASN.1 structure that makes up the revokedCertificates member of the TBSCertList structure. See RFC 5280, section 5.1.

type TBSCertificateList

type TBSCertificateList struct {
	Raw                 asn1.RawContent
	Version             int `asn1:"optional,default:0"`
	Signature           AlgorithmIdentifier
	Issuer              RDNSequence
	ThisUpdate          time.Time
	NextUpdate          time.Time            `asn1:"optional"`
	RevokedCertificates []RevokedCertificate `asn1:"optional"`
	Extensions          []Extension          `asn1:"tag:0,optional,explicit"`
}

TBSCertificateList represents the ASN.1 structure TBSCertList. See RFC 5280, section 5.1.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL