ocsp

package
v1.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 14, 2024 License: Apache-2.0 Imports: 17 Imported by: 6

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Verify

func Verify(ctx context.Context, connState tls.ConnectionState, opts *VerifyOptions) error

Verify performs OCSP verification for the provided ConnectionState instance.

Types

type Cache

type Cache interface {
	Update(*ocsp.Request, *ResponseDetails) *ResponseDetails
	Get(request *ocsp.Request) *ResponseDetails
}

Cache represents an OCSP cache.

type ConcurrentCache

type ConcurrentCache struct {
	sync.Mutex
	// contains filtered or unexported fields
}

ConcurrentCache is an implementation of ocsp.Cache that's safe for concurrent use.

func NewCache

func NewCache() *ConcurrentCache

NewCache creates an empty OCSP cache.

func (*ConcurrentCache) Get

func (c *ConcurrentCache) Get(request *ocsp.Request) *ResponseDetails

Get returns the cached response for the request, or nil if there is no cached response. If the cached response has expired, it will be removed from the cache and nil will be returned.

func (*ConcurrentCache) Update

func (c *ConcurrentCache) Update(request *ocsp.Request, response *ResponseDetails) *ResponseDetails

Update updates the cache entry for the provided request. The provided response will only be cached if it has a status that is not ocsp.Unknown and has a non-zero NextUpdate time. If there is an existing cache entry for request, it will be overwritten by response if response.NextUpdate is further ahead in the future than the existing entry's NextUpdate.

This function returns the most up-to-date response corresponding to the request.

type Error

type Error struct {
	// contains filtered or unexported fields
}

Error represents an OCSP verification error

func (*Error) Error

func (e *Error) Error() string

Error implements the error interface

func (*Error) Unwrap

func (e *Error) Unwrap() error

Unwrap returns the underlying error.

type ResponseDetails

type ResponseDetails struct {
	Status     int
	NextUpdate time.Time
}

ResponseDetails contains a subset of the details needed from an OCSP response after the original response has been validated.

type VerifyOptions

type VerifyOptions struct {
	Cache                   Cache
	DisableEndpointChecking bool
	HTTPClient              *http.Client
}

VerifyOptions specifies options to configure OCSP verification.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL