crl

package
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 25, 2025 License: MPL-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ReasonUnspecified          = 0
	ReasonKeyCompromise        = 1
	ReasonCACompromise         = 2
	ReasonAffiliationChanged   = 3
	ReasonSuperseded           = 4
	ReasonCessationOfOperation = 5
	ReasonCertificateHold      = 6
	ReasonRemoveFromCRL        = 8
	ReasonPrivilegeWithdrawn   = 9
	ReasonAACompromise         = 10
)

RevocationReason constants

Variables

This section is empty.

Functions

func CheckRevocation 

func CheckRevocation(cert *x509.Certificate, crl *x509.RevocationList) bool

CheckRevocation checks if a certificate is revoked in the CRL

func GenerateCRL 

func GenerateCRL(config *CRLConfig) ([]byte, error)

GenerateCRL generates a Certificate Revocation List

func ParseCRL 

func ParseCRL(crlData []byte) (*x509.RevocationList, error)

ParseCRL parses a CRL from DER-encoded bytes

Types

type CRLConfig 

type CRLConfig struct {
	// The CA certificate that will sign the CRL
	CAKeyPair *keyPair

	// CA Certificate
	CACertificate *x509.Certificate

	// List of revoked certificates
	RevokedCerts []*RevokedCertificate

	// CRL validity period
	ValidityDays int

	// CRL number (for incremental CRLs)
	Number int64

	// URLs for CRL distribution
	DistributionURL string
}

CRLConfig holds configuration for CRL generation

type RevokedCertificate 

type RevokedCertificate struct {
	SerialNumber     *big.Int
	RevocationTime   time.Time
	RevocationReason int // CRL reason code
}

RevokedCertificate represents a revoked certificate entry

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.