1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
<h1> Package pkix </h1> <ul id="short-nav">
<li><code>import "crypto/x509/pkix"</code></li>
<li><a href="#pkg-overview" class="overviewLink">Overview</a></li>
<li><a href="#pkg-index" class="indexLink">Index</a></li>
</ul> <h2 id="pkg-overview">Overview </h2> <p>Package pkix contains shared, low level structures used for ASN.1 parsing and serialization of X.509 certificates, CRL and OCSP. </p> <h2 id="pkg-index">Index </h2> <ul id="manual-nav">
<li><a href="#AlgorithmIdentifier">type AlgorithmIdentifier</a></li>
<li><a href="#AttributeTypeAndValue">type AttributeTypeAndValue</a></li>
<li><a href="#AttributeTypeAndValueSET">type AttributeTypeAndValueSET</a></li>
<li><a href="#CertificateList">type CertificateList</a></li>
<li> <a href="#CertificateList.HasExpired">func (certList *CertificateList) HasExpired(now time.Time) bool</a>
</li>
<li><a href="#Extension">type Extension</a></li>
<li><a href="#Name">type Name</a></li>
<li> <a href="#Name.FillFromRDNSequence">func (n *Name) FillFromRDNSequence(rdns *RDNSequence)</a>
</li>
<li> <a href="#Name.String">func (n Name) String() string</a>
</li>
<li> <a href="#Name.ToRDNSequence">func (n Name) ToRDNSequence() (ret RDNSequence)</a>
</li>
<li><a href="#RDNSequence">type RDNSequence</a></li>
<li> <a href="#RDNSequence.String">func (r RDNSequence) String() string</a>
</li>
<li><a href="#RelativeDistinguishedNameSET">type RelativeDistinguishedNameSET</a></li>
<li><a href="#RevokedCertificate">type RevokedCertificate</a></li>
<li><a href="#TBSCertificateList">type TBSCertificateList</a></li>
</ul> <h3>Package files</h3> <p> <span>pkix.go</span> </p> <h2 id="AlgorithmIdentifier">type <span>AlgorithmIdentifier</span> </h2> <p>AlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC 5280, section 4.1.1.2. </p>
<pre data-language="go">type AlgorithmIdentifier struct {
Algorithm asn1.ObjectIdentifier
Parameters asn1.RawValue `asn1:"optional"`
}
</pre> <h2 id="AttributeTypeAndValue">type <span>AttributeTypeAndValue</span> </h2> <p>AttributeTypeAndValue mirrors the ASN.1 structure of the same name in RFC 5280, Section 4.1.2.4. </p>
<pre data-language="go">type AttributeTypeAndValue struct {
Type asn1.ObjectIdentifier
Value any
}
</pre> <h2 id="AttributeTypeAndValueSET">type <span>AttributeTypeAndValueSET</span> <span title="Added in Go 1.3">1.3</span> </h2> <p>AttributeTypeAndValueSET represents a set of ASN.1 sequences of <a href="#AttributeTypeAndValue">AttributeTypeAndValue</a> sequences from RFC 2986 (PKCS #10). </p>
<pre data-language="go">type AttributeTypeAndValueSET struct {
Type asn1.ObjectIdentifier
Value [][]AttributeTypeAndValue `asn1:"set"`
}
</pre> <h2 id="CertificateList">type <span>CertificateList</span> </h2> <p>CertificateList represents the ASN.1 structure of the same name. See RFC 5280, section 5.1. Use Certificate.CheckCRLSignature to verify the signature. </p>
<p>Deprecated: x509.RevocationList should be used instead. </p>
<pre data-language="go">type CertificateList struct {
TBSCertList TBSCertificateList
SignatureAlgorithm AlgorithmIdentifier
SignatureValue asn1.BitString
}
</pre> <h3 id="CertificateList.HasExpired">func (*CertificateList) <span>HasExpired</span> </h3> <pre data-language="go">func (certList *CertificateList) HasExpired(now time.Time) bool</pre> <p>HasExpired reports whether certList should have been updated by now. </p>
<h2 id="Extension">type <span>Extension</span> </h2> <p>Extension represents the ASN.1 structure of the same name. See RFC 5280, section 4.2. </p>
<pre data-language="go">type Extension struct {
Id asn1.ObjectIdentifier
Critical bool `asn1:"optional"`
Value []byte
}
</pre> <h2 id="Name">type <span>Name</span> </h2> <p>Name represents an X.509 distinguished name. This only includes the common elements of a DN. Note that Name is only an approximation of the X.509 structure. If an accurate representation is needed, asn1.Unmarshal the raw subject or issuer as an <a href="#RDNSequence">RDNSequence</a>. </p>
<pre data-language="go">type Name struct {
Country, Organization, OrganizationalUnit []string
Locality, Province []string
StreetAddress, PostalCode []string
SerialNumber, CommonName string
// Names contains all parsed attributes. When parsing distinguished names,
// this can be used to extract non-standard attributes that are not parsed
// by this package. When marshaling to RDNSequences, the Names field is
// ignored, see ExtraNames.
Names []AttributeTypeAndValue
// ExtraNames contains attributes to be copied, raw, into any marshaled
// distinguished names. Values override any attributes with the same OID.
// The ExtraNames field is not populated when parsing, see Names.
ExtraNames []AttributeTypeAndValue // Go 1.5
}
</pre> <h3 id="Name.FillFromRDNSequence">func (*Name) <span>FillFromRDNSequence</span> </h3> <pre data-language="go">func (n *Name) FillFromRDNSequence(rdns *RDNSequence)</pre> <p>FillFromRDNSequence populates n from the provided <a href="#RDNSequence">RDNSequence</a>. Multi-entry RDNs are flattened, all entries are added to the relevant n fields, and the grouping is not preserved. </p>
<h3 id="Name.String">func (Name) <span>String</span> <span title="Added in Go 1.10">1.10</span> </h3> <pre data-language="go">func (n Name) String() string</pre> <p>String returns the string form of n, roughly following the RFC 2253 Distinguished Names syntax. </p>
<h3 id="Name.ToRDNSequence">func (Name) <span>ToRDNSequence</span> </h3> <pre data-language="go">func (n Name) ToRDNSequence() (ret RDNSequence)</pre> <p>ToRDNSequence converts n into a single <a href="#RDNSequence">RDNSequence</a>. The following attributes are encoded as multi-value RDNs: </p>
<ul> <li>Country </li>
<li>Organization </li>
<li>OrganizationalUnit </li>
<li>Locality </li>
<li>Province </li>
<li>StreetAddress </li>
<li>PostalCode </li>
</ul> <p>Each ExtraNames entry is encoded as an individual RDN. </p>
<h2 id="RDNSequence">type <span>RDNSequence</span> </h2> <pre data-language="go">type RDNSequence []RelativeDistinguishedNameSET</pre> <h3 id="RDNSequence.String">func (RDNSequence) <span>String</span> <span title="Added in Go 1.10">1.10</span> </h3> <pre data-language="go">func (r RDNSequence) String() string</pre> <p>String returns a string representation of the sequence r, roughly following the RFC 2253 Distinguished Names syntax. </p>
<h2 id="RelativeDistinguishedNameSET">type <span>RelativeDistinguishedNameSET</span> </h2> <pre data-language="go">type RelativeDistinguishedNameSET []AttributeTypeAndValue</pre> <h2 id="RevokedCertificate">type <span>RevokedCertificate</span> </h2> <p>RevokedCertificate represents the ASN.1 structure of the same name. See RFC 5280, section 5.1. </p>
<pre data-language="go">type RevokedCertificate struct {
SerialNumber *big.Int
RevocationTime time.Time
Extensions []Extension `asn1:"optional"`
}
</pre> <h2 id="TBSCertificateList">type <span>TBSCertificateList</span> </h2> <p>TBSCertificateList represents the ASN.1 structure of the same name. See RFC 5280, section 5.1. </p>
<p>Deprecated: x509.RevocationList should be used instead. </p>
<pre data-language="go">type TBSCertificateList struct {
Raw asn1.RawContent
Version int `asn1:"optional,default:0"`
Signature AlgorithmIdentifier
Issuer RDNSequence
ThisUpdate time.Time
NextUpdate time.Time `asn1:"optional"`
RevokedCertificates []RevokedCertificate `asn1:"optional"`
Extensions []Extension `asn1:"tag:0,optional,explicit"`
}
</pre><div class="_attribution">
<p class="_attribution-p">
© Google, Inc.<br>Licensed under the Creative Commons Attribution License 3.0.<br>
<a href="http://golang.org/pkg/crypto/x509/pkix/" class="_attribution-link">http://golang.org/pkg/crypto/x509/pkix/</a>
</p>
</div>
|
