Version: v0.0.0-...-7a1a713 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2013 License: Apache-2.0 Imports: 7 Imported by: 0



Package ocsp parses OCSP responses as specified in RFC 2560. OCSP responses are signed messages attesting to the validity of a certificate for a small period of time. This is used to manage revocation for X.509 certificates.



View Source
const (
	// Good means that the certificate is valid.
	Good = iota
	// Revoked means that the certificate has been deliberately revoked.
	Revoked = iota
	// Unknown means that the OCSP responder doesn't know about the certificate.
	Unknown = iota
	// ServerFailed means that the OCSP responder failed to process the request.
	ServerFailed = iota


This section is empty.


This section is empty.


type ParseError

type ParseError string

ParseError results from an invalid OCSP response.

func (ParseError) Error

func (p ParseError) Error() string

type Response

type Response struct {
	// Status is one of {Good, Revoked, Unknown, ServerFailed}
	Status                                        int
	SerialNumber                                  []byte
	ProducedAt, ThisUpdate, NextUpdate, RevokedAt time.Time
	RevocationReason                              int
	Certificate                                   *x509.Certificate

Response represents an OCSP response. See RFC 2560.

func ParseResponse

func ParseResponse(bytes []byte) (*Response, error)

ParseResponse parses an OCSP response in DER form. It only supports responses for a single certificate and only those using RSA signatures. Non-RSA responses will result in an x509.UnsupportedAlgorithmError. Signature errors or parse failures will result in a ParseError.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL