Documentation
Index
- func CreateOCSPRequest(cert *x509.Certificate, issuer *x509.Certificate) ([]byte, error)
- func GenerateOCSPResponse(config *OCSPConfig) ([]byte, error)
- func ParseOCSPRequest(reqBytes []byte) (map[string]interface{}, error)
- func ParseOCSPResponse(respBytes []byte) (map[string]interface{}, error)
- func VerifyOCSPResponse(respBytes []byte, cert *x509.Certificate, issuer *x509.Certificate) (map[string]interface{}, error)
- type OCSPCertificateStatus
- type OCSPConfig
Constants
This section is empty.
Variables
This section is empty.
Functions
func CreateOCSPRequest
func CreateOCSPRequest(cert *x509.Certificate, issuer *x509.Certificate) ([]byte, error)
CreateOCSPRequest creates an OCSP request (placeholder)
func GenerateOCSPResponse
func GenerateOCSPResponse(config *OCSPConfig) ([]byte, error)
GenerateOCSPResponse generates an OCSP response (placeholder - requires external ocsp library)
func ParseOCSPRequest
ParseOCSPRequest parses an OCSP request (placeholder)
func ParseOCSPResponse
ParseOCSPResponse parses an OCSP response (placeholder)
func VerifyOCSPResponse
func VerifyOCSPResponse(respBytes []byte, cert *x509.Certificate, issuer *x509.Certificate) (map[string]interface{}, error)
VerifyOCSPResponse verifies an OCSP response (placeholder)
Types
type OCSPCertificateStatus
type OCSPCertificateStatus struct {
	Serial           *big.Int
	Status           string // "good", "revoked", or "unknown"
	ThisUpdate       time.Time
	NextUpdate       time.Time
	RevocationTime   time.Time
	RevocationReason string
	ResponderURL     string
	ProducedAt       time.Time
}
OCSPCertificateStatus represents the status of a certificate in OCSP
func CheckCertificateStatus
func CheckCertificateStatus(cert *x509.Certificate, ocspURL string) (*OCSPCertificateStatus, error)
CheckCertificateStatus checks the status of a certificate via OCSP
type OCSPConfig
type OCSPConfig struct {
	// OCSP responder certificate (should be signed by CA)
	ResponderCertificate *x509.Certificate
	// OCSP responder private key
	ResponderPrivateKey crypto.PrivateKey
	// CA certificate
	CACertificate *x509.Certificate
	// Certificate to create response for
	Certificate *x509.Certificate
	// Certificate status (0 = good, 1 = revoked, 2 = unknown)
	Status int
	// Revocation time (if revoked)
	RevocationTime time.Time
	// Revocation reason (if revoked)
	RevocationReason int
	// This update time
	ThisUpdate time.Time
	// Next update time
	NextUpdate time.Time
}
OCSPConfig holds configuration for OCSP responder
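A caller that receives an OCSPCertificateStatus still has to turn its Status, ThisUpdate and NextUpdate fields into an accept/reject decision. The following is an added example, not code from this package: CertStatus, Evaluate, skew and maxAge are hypothetical names, and the fail-closed policy is an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// CertStatus is a constructed local copy of the OCSPCertificateStatus fields
// that drive an accept/reject decision, so the example runs stand-alone.
type CertStatus struct {
	Status                 string // "good", "revoked", or "unknown"
	ThisUpdate, NextUpdate time.Time
}

var (
	ErrRevoked     = errors.New("certificate is revoked")
	ErrUnknown     = errors.New("status unknown or unrecognised")
	ErrStale       = errors.New("response is past its validity window")
	ErrNotYetValid = errors.New("thisUpdate is in the future")
)

// Evaluate accepts only a fresh "good" status. skew tolerates clock drift;
// maxAge bounds a response that carries no NextUpdate (assumed policy knobs).
func Evaluate(s CertStatus, now time.Time, skew, maxAge time.Duration) error {
	if s.ThisUpdate.After(now.Add(skew)) {
		return ErrNotYetValid
	}
	expiry := s.NextUpdate
	if expiry.IsZero() {
		expiry = s.ThisUpdate.Add(maxAge)
	}
	if now.After(expiry.Add(skew)) {
		return ErrStale
	}
	switch s.Status {
	case "good":
		return nil
	case "revoked":
		return ErrRevoked
	}
	return ErrUnknown // fail closed on "unknown" and on any other string
}

func main() {
	now := time.Now()
	s := CertStatus{Status: "good", ThisUpdate: now.Add(-2 * time.Hour), NextUpdate: now.Add(-time.Hour)}
	fmt.Println(Evaluate(s, now, 5*time.Minute, 24*time.Hour)) // constructed stale sample
}
```

Freshness is checked before the status string so that a replayed, expired "good" response is rejected rather than trusted.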