Documentation
Overview
Package x509ext holds extension types and values for minimal gossip.
Constants
This section is empty.
Variables
var OIDExtKeyUsageCTMinimalGossip = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 11129, 2, 4, 6}
OIDExtKeyUsageCTMinimalGossip is the OID value for an extended key usage (EKU) that indicates a leaf certificate is used for the validation of STH values from public CT logs. TODO(drysdale): get an official OID value
var OIDExtensionCTSTH = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 11129, 2, 4, 5}
OIDExtensionCTSTH is the OID value for an X.509 extension that holds a log STH value. TODO(drysdale): get an official OID value
Functions
func HasSTHInfo
func HasSTHInfo(cert *x509.Certificate) bool
HasSTHInfo indicates whether a certificate has embedded STH information.
func STHFromCert
func STHFromCert(cert *x509.Certificate) (*ct.SignedTreeHead, error)
STHFromCert retrieves the STH embedded in a certificate; note the returned STH does not have the LogID field filled in.
Types
type LogSTHInfo
type LogSTHInfo struct {
	LogURL            []byte   `tls:"maxlen:255"`
	Version           tls.Enum `tls:"maxval:255"`
	TreeSize          uint64
	Timestamp         uint64
	SHA256RootHash    ct.SHA256Hash
	TreeHeadSignature ct.DigitallySigned
}
LogSTHInfo is the structure that gets TLS-encoded into the X.509 extension identified by OIDExtensionCTSTH.
func LogSTHInfoFromCert
func LogSTHInfoFromCert(cert *x509.Certificate) (*LogSTHInfo, error)
LogSTHInfoFromCert retrieves the STH information embedded in a certificate.
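The wire layout that LogSTHInfo describes, as an added example that is not the package's own code: a strict decoder for the extension value using only the standard library. It assumes the extension value is the bare TLS encoding (1-byte length prefix for LogURL; DigitallySigned as hash algorithm, signature algorithm, then a signature with a 2-byte length prefix); sthInfo and parseSTHInfo are hypothetical names, and decoding does not verify the signature.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// sthInfo is a local stand-in for LogSTHInfo, with DigitallySigned flattened.
type sthInfo struct {
	LogURL                   []byte // opaque<0..255>: 1-byte length prefix
	Version, HashAlg, SigAlg uint8
	TreeSize, Timestamp      uint64
	RootHash                 [32]byte
	Signature                []byte // opaque<0..65535>: 2-byte length prefix
}

// parseSTHInfo decodes the assumed TLS layout; truncated or trailing input is an error.
func parseSTHInfo(b []byte) (*sthInfo, error) {
	short, off := false, 0
	take := func(n int) []byte { // next n bytes, or zeros once input has run out
		if short || len(b)-off < n {
			short = true
			return make([]byte, n)
		}
		off += n
		return b[off-n : off]
	}
	s := &sthInfo{}
	s.LogURL = take(int(take(1)[0]))
	s.Version = take(1)[0]
	s.TreeSize = binary.BigEndian.Uint64(take(8))
	s.Timestamp = binary.BigEndian.Uint64(take(8))
	copy(s.RootHash[:], take(32))
	s.HashAlg = take(1)[0]
	s.SigAlg = take(1)[0]
	s.Signature = take(int(binary.BigEndian.Uint16(take(2))))
	if short || off != len(b) {
		return nil, fmt.Errorf("ct sth extension: truncated or trailing bytes (%d of %d used)", off, len(b))
	}
	return s, nil
}

func main() {
	// Constructed sample: made-up URL, zeroed version/size/timestamp/hash, dummy signature.
	ext := append([]byte{4}, "test"...)
	ext = append(ext, make([]byte, 1+8+8+32)...)
	ext = append(ext, 4, 3, 0, 2, 0xde, 0xad)
	s, err := parseSTHInfo(ext)
	fmt.Printf("%+v %v\n", s, err)
}
```

With a parsed certificate, the input would be the Value of the extension whose Id equals OIDExtensionCTSTH.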