Documentation ¶
Overview ¶
Package certparse parses root CA certificates from a Mozilla NSS certdata.txt io.Reader.
This package provides a low-level scanner, which can read individual values from the file as well as whole objects (certificates or trust declarations), and a high-level ReadTrustedCerts function, which parses objects into x509 certificates and returns those labeled as a trusted delegator in the certdata file (meaning they can be used by a CA to sign certificates).
The certdata.txt file format changes occasionally, which may cause this parser to break.
Functions ¶
Types ¶
type Cert ¶
type Cert struct {
	Label string
	Data  []byte // Raw DER data
	Trust TrustLevel
	Cert  *x509.Certificate
}
Cert holds the raw data parsed from the certdata.txt file, along with the Go x509.Certificate representation.
type MozScanner ¶
type MozScanner struct {
// contains filtered or unexported fields
}
MozScanner scans and tokenizes certdata.txt files.
func NewMozScanner ¶
func NewMozScanner(f io.Reader) *MozScanner
NewMozScanner initializes a scanner ready for processing. It expects a reader supplying certdata.txt-formatted text.
func (*MozScanner) LineNumber ¶
func (ms *MozScanner) LineNumber() int
LineNumber returns the last line number scanned.
func (*MozScanner) Object ¶
func (ms *MozScanner) Object() map[string]string
Object returns the last complete object read by ScanObject. It returns a map of field names to their decoded string values.
func (*MozScanner) ScanObject ¶
func (ms *MozScanner) ScanObject() bool
ScanObject repeatedly scans values to accumulate a complete object, which can be read by calling the Object method. It returns false when no more objects can be read, either due to reaching EOF or encountering an error. Errors can be read by calling ScanObjectError.
func (*MozScanner) ScanObjectError ¶
func (ms *MozScanner) ScanObjectError() error
ScanObjectError returns the last non-EOF error encountered by ScanObject.
func (*MozScanner) ScanValue ¶
func (ms *MozScanner) ScanValue() bool
ScanValue reads the next field, field type and value. It returns false when no more values can be read, either due to reaching EOF or encountering an error. Errors can be read by calling ScanValueError.
func (*MozScanner) ScanValueError ¶
func (ms *MozScanner) ScanValueError() error
ScanValueError returns the last non-EOF error encountered by ScanValue.
func (*MozScanner) Value ¶
func (ms *MozScanner) Value() MozValue
Value returns the most recent value read by ScanValue.
type TrustLevel ¶
type TrustLevel int
const (
	ServerTrustedDelegator TrustLevel = 1 << iota // Trusted for issuing server certificates
	EmailTrustedDelegator                         // Trusted for issuing email certificates
	CodeTrustedDelegator                          // Trusted for issuing code signing certificates
)
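The following is an added example, not this package's code: a minimal stand-alone reader showing that in certdata.txt a certificate and its trust declaration are separate objects, so a certificate being present in the file does not make it trusted. The helper trustByLabel, the lowercase constants (which mirror the TrustLevel bit values above) and the sample entries are constructed for illustration.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Bit values matching the TrustLevel constants on this page (1 << iota).
const serverDelegator, emailDelegator, codeDelegator = 1, 2, 4

// Constructed sample in certdata.txt syntax; labels and DER bytes are made up.
const sample = `CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
CKA_LABEL UTF8 "Example Root CA"
CKA_VALUE MULTILINE_OCTAL
\060\202\001\012
END
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_LABEL UTF8 "Example Root CA"
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST
CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_LABEL UTF8 "Example Distrusted CA"
CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_NOT_TRUSTED`

// trustByLabel (hypothetical helper) maps each trust object's label to its delegator bits; 0 means not trusted.
func trustByLabel(data string) map[string]int {
	bits := map[string]int{"CKA_TRUST_SERVER_AUTH": serverDelegator,
		"CKA_TRUST_EMAIL_PROTECTION": emailDelegator, "CKA_TRUST_CODE_SIGNING": codeDelegator}
	out, label, inTrust := map[string]int{}, "", false
	sc := bufio.NewScanner(strings.NewReader(data))
	for sc.Scan() {
		f := strings.Fields(sc.Text())
		switch {
		case len(f) < 3 || f[0][0] == '#': // blank, comment, octal data, END
		case f[0] == "CKA_CLASS":
			inTrust = f[2] == "CKO_NSS_TRUST"
		case inTrust && f[0] == "CKA_LABEL":
			label = strings.Trim(strings.Join(f[2:], " "), `"`)
			out[label] = 0 // untrusted until a delegator attribute is seen
		case inTrust && f[2] == "CKT_NSS_TRUSTED_DELEGATOR":
			out[label] |= bits[f[0]]
		}
	}
	return out
}

func main() { fmt.Println(trustByLabel(sample)) }
```

A consumer building a root pool for TLS should keep only entries whose mask has the server bit set; entries that resolve to 0 must be excluded even though they appear in the file.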