Documentation ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Comparison ¶
A Comparison holds the same piece of information in the preferred representation of OneCRL and CCADB. The purpose is to facilitate quick left/right comparisons between the datasets.
For example, OneCRL encodes a serial number as base64, whereas the CCADB encodes it as uppercase hexadecimal.
type IssuerSerialComparison ¶
type IssuerSerialComparison struct {
	Issuer Comparison `json:"issuer"`
	Serial Comparison `json:"serial"`
}
type OneCRL ¶
type OneCRL struct {
	*collections.Collection `json:"-"`
	Data                    []*Record `json:"data"`
}
type Record ¶
type Record struct {
	// It is rather awkward to hold onto a pointer to the associated CCADB entry,
	// however it makes constructing a Comparison struct much easier in main
	// as you can bundle the two together as soon as you find the match.
	// However, this could be a good opportunity for refactoring/decoupling.
	CCADB *ccadb.Certificate `json:"-"`

	Schema       int     `json:"schema"`
	Details      Details `json:"details"`
	Enabled      bool    `json:"enabled"`
	IssuerName   string  `json:"issuerName,omitempty"`
	SerialNumber string  `json:"serialNumber,omitempty"`
	Subject      string  `json:"subject,omitempty"`
	PubKeyHash   string  `json:"pubKeyHash,omitempty"`
	*api.Record
}
func FromCCADB ¶
func FromCCADB(c *ccadb.Certificate) (*Record, error)
FromCCADB constructs a new OneCRL Record from the provided CCADB certificate.
The outcome of this procedure is ultimately what becomes the proposed change to OneCRL.
func (*Record) IssuerSerial ¶
func (r *Record) IssuerSerial() *set.IssuerSerial
IssuerSerial parses the X.509 certificate retrieved from the CCADB and extracts the issuer (https://tools.ietf.org/html/rfc5280#section-4.1.2.4) and serial number (https://tools.ietf.org/html/rfc5280#section-4.1.2.2).
An error will be logged and a nil IssuerSerial will be returned if the issuer field could not be parsed or the serial number could not be base64-decoded.
func (*Record) SubjectKeyHash ¶
func (r *Record) SubjectKeyHash() *set.SubjectKeyHash
SubjectKeyHash parses the subject (https://tools.ietf.org/html/rfc5280#section-4.1.2.6) field of a OneCRL entry.
An error will be logged and a nil SubjectKeyHash will be returned if the subject field could not be parsed or the public key hash could not be base64-decoded.
func (*Record) ToComparison ¶
ToComparison generates a comparison between OneCRL and CCADB that is easy for a human to read in a left/right sort of way.
An example object may be:
{
	"issuer": {
		"OneCRL": "MFAxJDAiBgNVBAsTG0dsb2JhbFNpZ24gRUNDIFJvb3QgQ0EgLSBSNTETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbg==",
		"CCADB": "GlobalSign"
	},
	"serial": {
		"OneCRL": "Ae5fInnr9AhpWVIjkw==",
		"CCADB": "01EE5F2279EBF4086959522393"
	}
}
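The left/right values in the example object can be checked against each other by decoding both sides to bytes. The following is an added example, not code from this package: SerialsMatch and IssuerCommonName are hypothetical helpers, and reading the CCADB issuer value as the certificate's common name is an assumption (in this sample both CN and O are "GlobalSign").

```go
package main

import (
	"bytes"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/base64"
	"encoding/hex"
	"fmt"
)

// Sample values copied from the example object in the ToComparison documentation.
const (
	oneCRLIssuer = "MFAxJDAiBgNVBAsTG0dsb2JhbFNpZ24gRUNDIFJvb3QgQ0EgLSBSNTETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbg=="
	oneCRLSerial = "Ae5fInnr9AhpWVIjkw=="
	ccadbSerial  = "01EE5F2279EBF4086959522393"
)

// SerialsMatch (hypothetical helper) decodes both encodings and compares the
// raw bytes, so text encoding or hex case cannot cause a false mismatch.
func SerialsMatch(oneCRLB64, ccadbHex string) (bool, error) {
	left, errL := base64.StdEncoding.DecodeString(oneCRLB64)
	right, errR := hex.DecodeString(ccadbHex)
	if errL != nil || errR != nil {
		return false, fmt.Errorf("undecodable serial (base64: %v, hex: %v)", errL, errR)
	}
	return bytes.Equal(left, right), nil
}

// IssuerCommonName (hypothetical helper) decodes a OneCRL issuer, which is a
// base64 DER-encoded Name, and returns its CN. Assumption: CCADB shows the CN.
func IssuerCommonName(b64 string) (string, error) {
	der, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return "", fmt.Errorf("issuer is not valid base64: %w", err)
	}
	var rdns pkix.RDNSequence
	if rest, err := asn1.Unmarshal(der, &rdns); err != nil || len(rest) != 0 {
		return "", fmt.Errorf("issuer is not exactly one DER Name (err=%v)", err)
	}
	var name pkix.Name
	name.FillFromRDNSequence(&rdns)
	return name.CommonName, nil
}

func main() {
	ok, err := SerialsMatch(oneCRLSerial, ccadbSerial)
	cn, cnErr := IssuerCommonName(oneCRLIssuer)
	fmt.Println(ok, err, cn, cnErr)
}
```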
type Set ¶
A Set is a facade that splits OneCRL into two maps - one for lookups into the entries that are identified by the issuer:serial combination, and one for lookups into the entries that are identified by the subject:keyhash combination.
Asking if a CCADB entry is within this type is effectively asking whether it is in at least one of the aforementioned maps.
func NewSetFrom ¶
type SubjectKeyHashComparison ¶
type SubjectKeyHashComparison struct {
	Subject Comparison `json:"subject"`
	Keyhash Comparison `json:"keyHash"`
}