revocation

package
v1.32.0-rc
Published: Jun 9, 2021 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var (

	// Error is a revocation error.
	Error = errs.Class("revocation")
)

Functions

This section is empty.

Types

type DB

type DB struct {
	// contains filtered or unexported fields
}

DB stores the most recently seen revocation for each nodeID (i.e. the nodeID [the hash of the CA certificate's public key] is the key, and the value is the most recently seen revocation).

func OpenDB

func OpenDB(ctx context.Context, dbURL string) (*DB, error)

OpenDB returns a new revocation database given the URL.

func OpenDBFromCfg

func OpenDBFromCfg(ctx context.Context, cfg tlsopts.Config) (*DB, error)

OpenDBFromCfg is a convenience method to create a revocation DB directly from a config. If the revocation extension option is not set, it returns a nil db with no error.

func (*DB) Close

func (db *DB) Close() error

Close closes the underlying store.

func (*DB) Get

func (db *DB) Get(ctx context.Context, chain []*x509.Certificate) (_ *extensions.Revocation, err error)

Get attempts to retrieve the most recent revocation for the given cert chain (the key used in the underlying database is the nodeID of the certificate chain).

func (*DB) List

func (db *DB) List(ctx context.Context) (revs []*extensions.Revocation, err error)

List lists all revocations in the store.

func (*DB) Put

func (db *DB) Put(ctx context.Context, chain []*x509.Certificate, revExt pkix.Extension) (err error)

Put stores the most recent revocation for the given cert chain IF the timestamp is newer than the current value (the key used in the underlying database is the nodeID of the certificate chain).
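The newest-wins rule that Put describes, shown on an in-memory map as an added example (not this package's code). The names `memDB`, `revocation`, `nodeID`, `put`, `demo` and `errStale` are hypothetical, the timestamps are constructed, and deriving the node ID as a plain SHA-256 of an Ed25519 CA public key is an assumption made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// revocation is a hypothetical stand-in for the stored value; only the timestamp matters here.
type revocation struct{ Timestamp int64 }

var errStale = errors.New("revocation timestamp is not newer than the stored one")

// memDB holds one revocation per node ID, mirroring the DB description above.
type memDB map[[32]byte]revocation

// nodeID hashes the CA public key. Assumption: plain SHA-256 of the raw key bytes.
func nodeID(caPub ed25519.PublicKey) [32]byte { return sha256.Sum256(caPub) }

// put stores rev only if it is strictly newer than the entry already held for id.
func (db memDB) put(id [32]byte, rev revocation) error {
	if cur, ok := db[id]; ok && rev.Timestamp <= cur.Timestamp {
		return errStale // a replayed older revocation must not roll the record back
	}
	db[id] = rev
	return nil
}

// demo feeds constructed timestamps for two CAs and reports which puts were accepted.
func demo() (accepted []bool, latestA int64, err error) {
	caA, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, 0, err
	}
	caB, _, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, 0, err
	}
	db := memDB{}
	for _, ts := range []int64{200, 100, 300} { // new, replayed old, newer
		accepted = append(accepted, db.put(nodeID(caA), revocation{ts}) == nil)
	}
	// A different CA has its own key, so its lower timestamp is still accepted.
	accepted = append(accepted, db.put(nodeID(caB), revocation{50}) == nil)
	return accepted, db[nodeID(caA)].Timestamp, nil
}

func main() { fmt.Println(demo()) }
```

Because the comparison is strict, resubmitting a revocation with the same timestamp is also rejected, which keeps a replayed message from overwriting the stored record.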

func (*DB) TestGetStore

func (db *DB) TestGetStore() storage.KeyValueStore

TestGetStore returns the internal store for testing.
