Go: crypto/x509/pkix Index | Files

package pkix

import "crypto/x509/pkix"

Package pkix contains shared, low level structures used for ASN.1 parsing and serialization of X.509 certificates, CRL and OCSP.

Index

Package Files

pkix.go

type AlgorithmIdentifier Uses

type AlgorithmIdentifier struct {
    Algorithm  asn1.ObjectIdentifier
    Parameters asn1.RawValue `asn1:"optional"`
}

AlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC 5280, section 4.1.1.2.

type AttributeTypeAndValue Uses

type AttributeTypeAndValue struct {
    Type  asn1.ObjectIdentifier
    Value interface{}
}

AttributeTypeAndValue mirrors the ASN.1 structure of the same name in RFC 5280, Section 4.1.2.4.

type AttributeTypeAndValueSET Uses

type AttributeTypeAndValueSET struct {
    Type  asn1.ObjectIdentifier
    Value [][]AttributeTypeAndValue `asn1:"set"`
}

AttributeTypeAndValueSET represents a set of ASN.1 sequences of AttributeTypeAndValue sequences from RFC 2986 (PKCS #10).

type CertificateList Uses

type CertificateList struct {
    TBSCertList        TBSCertificateList
    SignatureAlgorithm AlgorithmIdentifier
    SignatureValue     asn1.BitString
}

CertificateList represents the ASN.1 structure of the same name. See RFC 5280, section 5.1. Use Certificate.CheckCRLSignature to verify the signature.

func (*CertificateList) HasExpired Uses

func (certList *CertificateList) HasExpired(now time.Time) bool

HasExpired reports whether certList should have been updated by now.

type Extension Uses

type Extension struct {
    Id       asn1.ObjectIdentifier
    Critical bool `asn1:"optional"`
    Value    []byte
}

Extension represents the ASN.1 structure of the same name. See RFC 5280, section 4.2.

type Name Uses

type Name struct {
    Country, Organization, OrganizationalUnit []string
    Locality, Province                        []string
    StreetAddress, PostalCode                 []string
    SerialNumber, CommonName                  string

    // Names contains all parsed attributes. When parsing distinguished names,
    // this can be used to extract non-standard attributes that are not parsed
    // by this package. When marshaling to RDNSequences, the Names field is
    // ignored, see ExtraNames.
    Names []AttributeTypeAndValue

    // ExtraNames contains attributes to be copied, raw, into any marshaled
    // distinguished names. Values override any attributes with the same OID.
    // The ExtraNames field is not populated when parsing, see Names.
    ExtraNames []AttributeTypeAndValue
}

Name represents an X.509 distinguished name. This only includes the common elements of a DN. Note that Name is only an approximation of the X.509 structure. If an accurate representation is needed, asn1.Unmarshal the raw subject or issuer as an RDNSequence.

func (*Name) FillFromRDNSequence Uses

func (n *Name) FillFromRDNSequence(rdns *RDNSequence)

FillFromRDNSequence populates n from the provided RDNSequence. Multi-entry RDNs are flattened, all entries are added to the relevant n fields, and the grouping is not preserved.

func (Name) String Uses

func (n Name) String() string

String returns the string form of n, roughly following the RFC 2253 Distinguished Names syntax.

func (Name) ToRDNSequence Uses

func (n Name) ToRDNSequence() (ret RDNSequence)

ToRDNSequence converts n into a single RDNSequence. The following attributes are encoded as multi-value RDNs:

- Country
- Organization
- OrganizationalUnit
- Locality
- Province
- StreetAddress
- PostalCode

Each ExtraNames entry is encoded as an individual RDN.

type RDNSequence Uses

type RDNSequence []RelativeDistinguishedNameSET

func (RDNSequence) String Uses

func (r RDNSequence) String() string

String returns a string representation of the sequence r, roughly following the RFC 2253 Distinguished Names syntax.

type RelativeDistinguishedNameSET Uses

type RelativeDistinguishedNameSET []AttributeTypeAndValue

type RevokedCertificate Uses

type RevokedCertificate struct {
    SerialNumber   *big.Int
    RevocationTime time.Time
    Extensions     []Extension `asn1:"optional"`
}

RevokedCertificate represents the ASN.1 structure of the same name. See RFC 5280, section 5.1.

type TBSCertificateList Uses

type TBSCertificateList struct {
    Raw                 asn1.RawContent
    Version             int `asn1:"optional,default:0"`
    Signature           AlgorithmIdentifier
    Issuer              RDNSequence
    ThisUpdate          time.Time
    NextUpdate          time.Time            `asn1:"optional"`
    RevokedCertificates []RevokedCertificate `asn1:"optional"`
    Extensions          []Extension          `asn1:"tag:0,optional,explicit"`
}

TBSCertificateList represents the ASN.1 structure of the same name. See RFC 5280, section 5.1.

Package pkix imports 5 packages (graph) and is imported by 5052 packages. Updated 2020-11-06. Refresh now. Tools for package owners.