Documentation
Types
type CCADB
type CCADB = []*Certificate
type Certificate
type Certificate struct {
	CAOwner                        string `csv:"CA Owner"`
	RevocationStatus               string `csv:"Revocation Status"`
	ReasonCode                     string `csv:"RFC 5280 Revocation Reason Code"`
	DateOfRevocation               string `csv:"Date of Revocation"`
	OneCRLStatus                   string `csv:"OneCRL Status"`
	OneCRLBugNumber                string `csv:"OneCRL Bug Number"`
	CertificateSerialNumber        string `csv:"Certificate Serial Number"`
	CaOwnerName                    string `csv:"CA Owner/Certificate Name"`
	CertificateIssuerName          string `csv:"Certificate Issuer Common Name"`
	CertificateIssuerOrganization  string `csv:"Certificate Issuer Organization"`
	CertificateSubjectCommonName   string `csv:"Certificate Subject Common Name"`
	CertificateSubjectOrganization string `csv:"Certificate Subject Organization"`
	Fingerprint                    string `csv:"SHA-256 Fingerprint"`
	SubjectSPKIHash                string `csv:"Subject + SPKI SHA256"`
	NotBefore                      string `csv:"Valid From [GMT]"`
	NotAfter                       string `csv:"Valid To [GMT]"`
	KeyAlgorithm                   string `csv:"Public Key Algorithm"`
	SignatureAlgorithm             string `csv:"Signature Hash Algorithm"`
	CRLs                           string `csv:"CRL URL(s)"`
	AlternativeCRL                 string `csv:"Alternate CRL"`
	Comments                       string `csv:"Comments"`
	PemInfo                        string `csv:"PEM Info"`
}
func Default
func Default() ([]*Certificate, error)
func FromReader
func FromReader(reader io.Reader) ([]*Certificate, error)
func FromURL
func FromURL(url string) ([]*Certificate, error)
func (*Certificate) IssuerSerial
func (c *Certificate) IssuerSerial() *set.IssuerSerial
IssuerSerial parses the X.509 certificate retrieved from the CCADB and extracts the issuer (https://tools.ietf.org/html/rfc5280#section-4.1.2.4) and serial number (https://tools.ietf.org/html/rfc5280#section-4.1.2.2).
An error will be logged and a nil IssuerSerial returned if no certificate is present or if the certificate cannot be parsed.
func (*Certificate) PEM
func (c *Certificate) PEM() string
PEM returns a parseable PEM string from the PemInfo field. To do anything with the certificate, use this method rather than accessing the raw PemInfo field, because the CCADB has a habit of double-encoding strings with inner single quotes.
func (*Certificate) ParseCertificate
func (c *Certificate) ParseCertificate() (*x509.Certificate, error)
ParseCertificate returns the parsed x509.Certificate.
A nil certificate and an error are returned if the CCADB does not have a certificate, the certificate cannot be PEM decoded, or the certificate cannot be x509 decoded.
func (*Certificate) SubjectKeyHash
func (c *Certificate) SubjectKeyHash() *set.SubjectKeyHash
SubjectKeyHash parses the X.509 certificate retrieved from the CCADB, extracts the subject (https://tools.ietf.org/html/rfc5280#section-4.1.2.6) and SPKI (https://tools.ietf.org/html/rfc5280#section-4.1.2.7). The SPKI is hashed with SHA256.
An error will be logged and a nil SubjectKeyHash returned if no certificate is present or if the certificate cannot be parsed.
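The handling that PEM, ParseCertificate and SubjectKeyHash describe above, as an added standalone example that is not this package's code. The names parsePemInfo, spkiSHA256 and constructedPemInfo are hypothetical, the PEM Info value is assumed to arrive wrapped in single quotes, and the input is a throwaway self-signed certificate generated inside the block.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// parsePemInfo (hypothetical) drops the assumed wrapping single quotes, then decodes PEM and X.509.
func parsePemInfo(pemInfo string) (*x509.Certificate, error) {
	block, _ := pem.Decode([]byte(strings.Trim(strings.TrimSpace(pemInfo), "'")))
	if block == nil || block.Type != "CERTIFICATE" {
		return nil, fmt.Errorf("PEM Info holds no PEM certificate (%d bytes)", len(pemInfo))
	}
	return x509.ParseCertificate(block.Bytes)
}

// spkiSHA256 hashes the DER SubjectPublicKeyInfo, the key half of a subject + SPKI identity.
func spkiSHA256(c *x509.Certificate) [32]byte { return sha256.Sum256(c.RawSubjectPublicKeyInfo) }

// constructedPemInfo returns a throwaway self-signed certificate in single quotes (constructed input).
func constructedPemInfo() string {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(4660), Subject: pkix.Name{CommonName: "Constructed Test CA"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		panic(err)
	}
	return "'" + string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})) + "'"
}

func main() {
	cert, err := parsePemInfo(constructedPemInfo())
	if err != nil {
		panic(err)
	}
	fmt.Printf("issuer=%q serial=%s spki=%x\n", cert.Issuer.String(), cert.SerialNumber, spkiSHA256(cert))
}
```

An empty field, a quoted value that is not PEM, and a PEM block of another type all return an error here instead of a nil certificate being dereferenced later.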
func (*Certificate) Type
func (c *Certificate) Type() set.Type
Since the CCADB has the physical certificate, we can represent ourselves as either an IssuerSerial OR a SubjectKeyHash.