Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // EKUOID is the Extended Key Usage OID, per RFC 5280 EKUOID = asn1.ObjectIdentifier{2, 5, 29, 37} )
View Source
var ErrWeakHashAlg = errors.New("weak hash algorithm: must be SHA-256, SHA-384, or SHA-512")
Functions ¶
func VerifyRequest ¶ added in v0.2.1
func VerifyTimestampResponse ¶
func VerifyTimestampResponse(tsrBytes []byte, artifact io.Reader, opts VerifyOpts) (*timestamp.Timestamp, error)
VerifyTimestampResponse the timestamp response using a timestamp certificate chain.
Types ¶
type VerifyOpts ¶ added in v0.2.0
type VerifyOpts struct {
// OID verifies that the TSR's OID has an expected value. Optional, used when
// an alternative OID was passed with a request to the TSA
OID asn1.ObjectIdentifier
// TSACertificate verifies that the TSR uses the TSACertificate as expected. Optional if the TSR contains the TSA certificate
TSACertificate *x509.Certificate
// Intermediates verifies the TSR's certificate. Optional, used for chain building
Intermediates []*x509.Certificate
// Roots is the set of trusted root certificates that verifies the TSR's certificate
Roots []*x509.Certificate
// Nonce verifies that the TSR contains the expected nonce. Optional, used when
// an optional nonce was passed with a request to the TSA
Nonce *big.Int
// CommonName verifies that the TSR certificate subject's Common Name matches the expected value. Optional
CommonName string
}
VerifyOpts contains verification options for a RFC3161 timestamp
Source Files
Click to show internal directories.
Click to hide internal directories.