authrootstl

v1.0.1
Published: Feb 10, 2023 License: MPL-2.0 Imports: 14 Imported by: 0

README

This package provides an interface to parse and validate the Microsoft Windows authroot.stl file, which contains the list of participants in the Microsoft Trusted Root Program. The trust list file contains so-called "subjects", each of which describes a certificate, its accepted uses within Windows, and its trust status.

Usage & Examples

Examples can be found in the documentation for the library.

License

Mozilla Public License Version 2.0.

This package embeds a modified version of github.com/mozilla-services/pkcs7. This package is not affiliated with or endorsed by Microsoft. Windows is a registered trademark of Microsoft Corporation.

Documentation

Overview

Package authrootstl provides an interface to parse and validate the Microsoft Windows authroot.stl file, which contains the list of participants in the Microsoft Trusted Root Program. The trust list file contains so-called "subjects", each of which describes a certificate, its accepted uses within Windows, and its trust status.

This package is not affiliated with or endorsed by Microsoft. Windows is a registered trademark of Microsoft Corporation.

Constants

const (
	KeyUsageClientAuthentication   uint16 = 1 << iota // 1.3.6.1.5.5.7.3.2
	KeyUsageCodeSigning                               // 1.3.6.1.5.5.7.3.3
	KeyUsageDocumentSigning                           // 1.3.6.1.4.1.311.10.3.12
	KeyUsageEncryptingFileSystem                      // 1.3.6.1.4.1.311.10.3.4
	KeyUsageIPSecEndSystem                            // 1.3.6.1.5.5.7.3.5
	KeyUsageIPSecIKEIntermediate                      // 1.3.6.1.5.5.8.2.2
	KeyUsageIPSecTunnelTermination                    // 1.3.6.1.5.5.7.3.6
	KeyUsageIPSecUser                                 // 1.3.6.1.5.5.7.3.7
	KeyUsageOCSPSigning                               // 1.3.6.1.5.5.7.3.9
	KeyUsageSecureEmail                               // 1.3.6.1.5.5.7.3.4
	KeyUsageServerAuthentication                      // 1.3.6.1.5.5.7.3.1
	KeyUsageTimeStamping                              // 1.3.6.1.5.5.7.3.8
)

Microsoft extended key usage designators

Types

type Subject added in v1.0.1

type Subject struct {
	// A friendly name for this subject. This may differ from the subject name of the certificate.
	FriendlyName string
	// The SHA-256 fingerprint of the certificate in uppercase hex.
	SHA256Fingerprint string
	// The SHA-1 fingerprint of the certificate in uppercase hex.
	SHA1Fingerprint string
	// An MD5 hash of the certificate's subject name in uppercase hex. Note that this is NOT a hash of the certificate.
	SubjectNameMD5 string
	// The key ID of the certificate in uppercase hex.
	KeyID string
	// A bitmask of key usage scenarios accepted for this subject. These typically aren't present on the certificates themselves.
	MicrosoftExtendedKeyUsage uint16
	// If this subject has been distrusted by Microsoft then this field will contain the date when that occurred.
	DisabledDate *time.Time
	// An optional date used to restrict certificates under this subject after the given date.
	NotBefore *time.Time
	// If a value is present in NotBefore then this field may contain MSEKUs that further restrict the use of certificates under this subject.
	NotBeforeEKU uint16
}

Subject describes a participant in the Microsoft Trusted Root Program. Note that a Subject does not contain the root certificate itself, but instead provides information as to how the certificate could be used. A subject may be distrusted or expired.

func Parse added in v1.0.1

func Parse(data []byte) ([]Subject, error)

Parse will parse and validate the given data for an authroot.stl file.
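An added example, not part of the package or its documentation: a stand-alone audit over the kind of []Subject that Parse returns, mapping each usage OID to the subjects that accept it and skipping any subject that carries a DisabledDate. The Subject type here is trimmed to the fields used, the two constants take the bit positions implied by the const block above, and the TrustedByOID name and the sample subjects are constructed for illustration.

```go
package main

import (
	"fmt"
	"time"
)

// Bit positions follow the iota order of the page's const block (bit 0 = client authentication).
const KeyUsageCodeSigning uint16 = 1 << 1
const KeyUsageServerAuthentication uint16 = 1 << 10

// ekuOIDs[i] is the OID the page lists for bit i of MicrosoftExtendedKeyUsage.
var ekuOIDs = [12]string{
	"1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.4.1.311.10.3.12", "1.3.6.1.4.1.311.10.3.4",
	"1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.8.2.2", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7",
	"1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.8",
}

// Subject mirrors only the fields of the page's Subject type used here (local copy, assumption).
type Subject struct {
	FriendlyName              string
	MicrosoftExtendedKeyUsage uint16
	DisabledDate              *time.Time
}

// TrustedByOID maps each usage OID to the names of subjects that accept it and have no DisabledDate.
func TrustedByOID(subjects []Subject) map[string][]string {
	out := map[string][]string{}
	for _, s := range subjects {
		if s.DisabledDate != nil {
			continue // distrusted by Microsoft: never report it as accepted
		}
		for i, oid := range ekuOIDs {
			if s.MicrosoftExtendedKeyUsage&(1<<uint(i)) != 0 {
				out[oid] = append(out[oid], s.FriendlyName)
			}
		}
	}
	return out
}

func main() {
	off := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC) // constructed sample data, not real trust list content
	subjects := []Subject{
		{"Example Root A", KeyUsageServerAuthentication | KeyUsageCodeSigning, nil},
		{"Example Root B", KeyUsageServerAuthentication, &off},
	}
	fmt.Println(TrustedByOID(subjects))
}
```

Against real data the slice would come from Parse, and the output shows which roots a Windows host would accept for each usage, such as code signing.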
