Documentation
¶
Overview ¶
Package ocsp parses OCSP responses as specified in RFC 2560. OCSP responses are signed messages attesting to the validity of a certificate for a small period of time. This is used to manage revocation for X.509 certificates.
Index ¶
Constants ¶
View Source
const ( // Good means that the certificate is valid. Good = iota // Revoked means that the certificate has been deliberately revoked. Revoked = iota // Unknown means that the OCSP responder doesn't know about the certificate. Unknown = iota // ServerFailed means that the OCSP responder failed to process the request. ServerFailed = iota )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ParseError ¶
type ParseError string
ParseError results from an invalid OCSP response.
func (ParseError) Error ¶
func (p ParseError) Error() string
type Response ¶
type Response struct {
// Status is one of {Good, Revoked, Unknown, ServerFailed}
Status int
SerialNumber []byte
ProducedAt, ThisUpdate, NextUpdate, RevokedAt time.Time
RevocationReason int
Certificate *x509.Certificate
}
Response represents an OCSP response. See RFC 2560.
func ParseResponse ¶
ParseResponse parses an OCSP response in DER form. It only supports responses for a single certificate and only those using RSA signatures. Non-RSA responses will result in an x509.UnsupportedAlgorithmError. Signature errors or parse failures will result in a ParseError.
Source Files
Click to show internal directories.
Click to hide internal directories.