Documentation ¶
Index ¶
- Constants
- func IsPrecert(entry *ct.LogEntry) bool
- func MarshalRDNSequence(rdns RDNSequence) ([]byte, error)
- func MatchesWildcard(dnsName string, pattern string) bool
- func VerifyPrecertSCT(sct *ct.SignedCertificateTimestamp, precert ct.PreCert, ...) error
- func VerifyX509SCT(sct *ct.SignedCertificateTimestamp, cert []byte, verify *ct.SignatureVerifier) error
- type AttributeTypeAndValue
- type CertInfo
- type CertValidity
- type Certificate
- type Extension
- type Identifiers
- type PrecertInfo
- type RDNSequence
- type RelativeDistinguishedNameSET
- type SubjectAltName
- type TBSCertificate
- func (tbs *TBSCertificate) GetExtension(id asn1.ObjectIdentifier) []Extension
- func (tbs *TBSCertificate) GetRawIssuer() []byte
- func (tbs *TBSCertificate) GetRawPublicKey() []byte
- func (tbs *TBSCertificate) GetRawSubject() []byte
- func (tbs *TBSCertificate) ParseBasicConstraints() (*bool, error)
- func (tbs *TBSCertificate) ParseIssuer() (RDNSequence, error)
- func (tbs *TBSCertificate) ParseSerialNumber() (*big.Int, error)
- func (tbs *TBSCertificate) ParseSubject() (RDNSequence, error)
- func (tbs *TBSCertificate) ParseSubjectAltNames() ([]SubjectAltName, error)
- func (tbs *TBSCertificate) ParseSubjectCommonNames() ([]string, error)
- func (tbs *TBSCertificate) ParseValidity() (*CertValidity, error)
Constants ¶
View Source
const UnparsableDNSLabelPlaceholder = "<unparsable>"
Variables ¶
This section is empty.
Functions ¶
func MarshalRDNSequence ¶
func MarshalRDNSequence(rdns RDNSequence) ([]byte, error)
func VerifyPrecertSCT ¶
func VerifyPrecertSCT(sct *ct.SignedCertificateTimestamp, precert ct.PreCert, verify *ct.SignatureVerifier) error
func VerifyX509SCT ¶
func VerifyX509SCT(sct *ct.SignedCertificateTimestamp, cert []byte, verify *ct.SignatureVerifier) error
Types ¶
type AttributeTypeAndValue ¶
type AttributeTypeAndValue struct { Type asn1.ObjectIdentifier Value asn1.RawValue }
type CertInfo ¶
type CertInfo struct { TBS *TBSCertificate Subject RDNSequence SubjectParseError error Issuer RDNSequence IssuerParseError error SANs []SubjectAltName SANsParseError error SerialNumber *big.Int SerialNumberParseError error Validity *CertValidity ValidityParseError error IsCA *bool IsCAParseError error IsPreCert bool }
func MakeCertInfoFromLogEntry ¶
func MakeCertInfoFromTBS ¶
func MakeCertInfoFromTBS(tbs *TBSCertificate) *CertInfo
func (*CertInfo) ParseIdentifiers ¶
func (cert *CertInfo) ParseIdentifiers() (*Identifiers, error)
type Certificate ¶
type Certificate struct { Raw asn1.RawContent TBSCertificate asn1.RawValue SignatureAlgorithm asn1.RawValue SignatureValue asn1.RawValue }
func ParseCertificate ¶
func ParseCertificate(certBytes []byte) (*Certificate, error)
func (*Certificate) GetRawTBSCertificate ¶
func (cert *Certificate) GetRawTBSCertificate() []byte
func (*Certificate) ParseSignatureAlgorithm ¶
func (cert *Certificate) ParseSignatureAlgorithm() (*pkix.AlgorithmIdentifier, error)
func (*Certificate) ParseSignatureValue ¶
func (cert *Certificate) ParseSignatureValue() ([]byte, error)
func (*Certificate) ParseTBSCertificate ¶
func (cert *Certificate) ParseTBSCertificate() (*TBSCertificate, error)
type Extension ¶
type Extension struct { Id asn1.ObjectIdentifier Critical bool `asn1:"optional"` Value []byte }
type Identifiers ¶
type Identifiers struct { DNSNames []string // stored as ASCII, with IDNs in Punycode IPAddrs []net.IP }
func NewIdentifiers ¶
func NewIdentifiers() *Identifiers
func (*Identifiers) AddCN ¶
func (ids *Identifiers) AddCN(value string)
func (*Identifiers) AddDnsSAN ¶
func (ids *Identifiers) AddDnsSAN(value []byte)
func (*Identifiers) AddIPAddress ¶
func (ids *Identifiers) AddIPAddress(value net.IP)
type PrecertInfo ¶
type PrecertInfo struct { SameIssuer bool // The pre-certificate was issued from the same CA as the final certificate Issuer []byte // The pre-certificate's issuer, if different from the final certificate AKI []byte // The pre-certificate's AKI, if present and different from the final certificate }
func ValidatePrecert ¶
func ValidatePrecert(precertBytes []byte, tbsBytes []byte) (*PrecertInfo, error)
type RDNSequence ¶
type RDNSequence []RelativeDistinguishedNameSET
func CanonicalizeRDNSequence ¶
func CanonicalizeRDNSequence(oldSequence RDNSequence) (RDNSequence, error)
func ParseRDNSequence ¶
func ParseRDNSequence(rdnsBytes []byte) (RDNSequence, error)
func (RDNSequence) ParseCNs ¶
func (rdns RDNSequence) ParseCNs() ([]string, error)
func (RDNSequence) String ¶
func (rdns RDNSequence) String() string
type RelativeDistinguishedNameSET ¶
type RelativeDistinguishedNameSET []AttributeTypeAndValue
type SubjectAltName ¶
func ParseSANExtension ¶ added in v0.17.0
func ParseSANExtension(sans []SubjectAltName, value []byte) ([]SubjectAltName, error)
func (SubjectAltName) String ¶
func (san SubjectAltName) String() string
type TBSCertificate ¶
type TBSCertificate struct { Raw asn1.RawContent Version int `asn1:"optional,explicit,default:1,tag:0"` SerialNumber asn1.RawValue SignatureAlgorithm asn1.RawValue Issuer asn1.RawValue Validity asn1.RawValue Subject asn1.RawValue PublicKey asn1.RawValue UniqueId asn1.BitString `asn1:"optional,tag:1"` SubjectUniqueId asn1.BitString `asn1:"optional,tag:2"` Extensions []Extension `asn1:"optional,explicit,tag:3"` }
func ParseTBSCertificate ¶
func ParseTBSCertificate(tbsBytes []byte) (*TBSCertificate, error)
func ReconstructPrecertTBS ¶
func ReconstructPrecertTBS(tbs *TBSCertificate) (*TBSCertificate, error)
func (*TBSCertificate) GetExtension ¶
func (tbs *TBSCertificate) GetExtension(id asn1.ObjectIdentifier) []Extension
func (*TBSCertificate) GetRawIssuer ¶
func (tbs *TBSCertificate) GetRawIssuer() []byte
func (*TBSCertificate) GetRawPublicKey ¶
func (tbs *TBSCertificate) GetRawPublicKey() []byte
func (*TBSCertificate) GetRawSubject ¶
func (tbs *TBSCertificate) GetRawSubject() []byte
func (*TBSCertificate) ParseBasicConstraints ¶
func (tbs *TBSCertificate) ParseBasicConstraints() (*bool, error)
func (*TBSCertificate) ParseIssuer ¶
func (tbs *TBSCertificate) ParseIssuer() (RDNSequence, error)
func (*TBSCertificate) ParseSerialNumber ¶
func (tbs *TBSCertificate) ParseSerialNumber() (*big.Int, error)
func (*TBSCertificate) ParseSubject ¶
func (tbs *TBSCertificate) ParseSubject() (RDNSequence, error)
func (*TBSCertificate) ParseSubjectAltNames ¶
func (tbs *TBSCertificate) ParseSubjectAltNames() ([]SubjectAltName, error)
func (*TBSCertificate) ParseSubjectCommonNames ¶
func (tbs *TBSCertificate) ParseSubjectCommonNames() ([]string, error)
func (*TBSCertificate) ParseValidity ¶
func (tbs *TBSCertificate) ParseValidity() (*CertValidity, error)
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
cmd
|
|
client
Package client is a CT log client implementation and contains types and code for interacting with RFC6962-compliant CT Log instances.
|
Package client is a CT log client implementation and contains types and code for interacting with RFC6962-compliant CT Log instances. |
Click to show internal directories.
Click to hide internal directories.