Documentation ¶
Overview ¶
Package timestamp generates timestamping requests to TSA servers, and fetches the responses according to RFC 3161.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Accuracy ¶
type Accuracy struct { Seconds int `asn1:"optional"` Milliseconds int `asn1:"optional,tag:0"` Microseconds int `asn1:"optional,tag:1"` }
Accuracy ::= SEQUENCE { seconds INTEGER OPTIONAL, millis [0] INTEGER (1..999) OPTIONAL, micros [1] INTEGER (1..999) OPTIONAL }
type MessageImprint ¶
type MessageImprint struct { HashAlgorithm pkix.AlgorithmIdentifier HashedMessage []byte }
MessageImprint contains the hash of the datum to be time-stamped.
MessageImprint ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier, hashedMessage OCTET STRING }
type Request ¶
type Request struct { Version int // fixed to 1 as defined in RFC 3161 2.4.1 Request Format MessageImprint MessageImprint ReqPolicy asn1.ObjectIdentifier `asn1:"optional"` Nonce *big.Int `asn1:"optional"` CertReq bool `asn1:"optional,default:false"` Extensions []pkix.Extension `asn1:"optional,tag:0"` }
Request is a time-stamping request.
TimeStampReq ::= SEQUENCE { version INTEGER { v1(1) }, messageImprint MessageImprint, reqPolicy TSAPolicyID OPTIONAL, nonce INTEGER OPTIONAL, certReq BOOLEAN DEFAULT FALSE, extensions [0] IMPLICIT Extensions OPTIONAL }
func NewRequest ¶
NewRequest creates a request based on the given digest.
func NewRequestFromBytes ¶
NewRequestFromBytes creates a request based on the given byte slice.
func NewRequestFromString ¶
NewRequestFromString creates a request based on the given string.
func (*Request) MarshalBinary ¶
MarshalBinary encodes the request to binary form. This method implements encoding.BinaryMarshaler
func (*Request) UnmarshalBinary ¶
UnmarshalBinary decodes the request from binary form. This method implements encoding.BinaryUnmarshaler
type Response ¶
type Response struct { Status pki.StatusInfo TimeStampToken asn1.RawValue `asn1:"optional"` }
Response is a time-stamping response.
TimeStampResp ::= SEQUENCE { status PKIStatusInfo, timeStampToken TimeStampToken OPTIONAL }
func (*Response) MarshalBinary ¶
MarshalBinary encodes the response to binary form. This method implements encoding.BinaryMarshaler
func (*Response) SignedToken ¶
func (r *Response) SignedToken() (*SignedToken, error)
SignedToken returns the timestamp token with signatures. Callers should invoke Verify to verify the content before comsumption.
func (*Response) TokenBytes ¶
TokenBytes returns the bytes of the timestamp token.
func (*Response) UnmarshalBinary ¶
UnmarshalBinary decodes the response from binary form. This method implements encoding.BinaryUnmarshaler
type SignedToken ¶
type SignedToken cms.ParsedSignedData
SignedToken is a parsed timestamp token with signatures.
func ParseSignedToken ¶
func ParseSignedToken(data []byte) (*SignedToken, error)
ParseSignedToken parses ASN.1 BER-encoded structure to SignedToken without verification. Callers should invoke Verify to verify the content before comsumption.
func (*SignedToken) Info ¶
func (t *SignedToken) Info() (*TSTInfo, error)
Info returns the timestamping information.
func (*SignedToken) Verify ¶
func (t *SignedToken) Verify(opts x509.VerifyOptions) ([]cms.SignerInfo, error)
Verify verifies the signed token as CMS SignedData. An empty list of KeyUsages in VerifyOptions implies ExtKeyUsageTimeStamping.
type TSTInfo ¶
type TSTInfo struct { Version int // fixed to 1 as defined in RFC 3161 2.4.2 Response Format Policy asn1.ObjectIdentifier MessageImprint MessageImprint SerialNumber *big.Int GenTime time.Time `asn1:"generalized"` Accuracy Accuracy `asn1:"optional"` Ordering bool `asn1:"optional,default:false"` Nonce *big.Int `asn1:"optional"` TSA asn1.RawValue `asn1:"optional,tag:0"` Extensions []pkix.Extension `asn1:"optional,tag:1"` }
TSTInfo ::= SEQUENCE { version INTEGER { v1(1) }, policy TSAPolicyId, messageImprint MessageImprint, serialNumber INTEGER, genTime GeneralizedTime, accuracy Accuracy OPTIONAL, ordering BOOLEAN DEFAULT FALSE, nonce INTEGER OPTIONAL, tsa [0] GeneralName OPTIONAL, extensions [1] IMPLICIT Extensions OPTIONAL }
type Timestamper ¶
type Timestamper interface { // Timestamp stamps the time with the given request. Timestamp(context.Context, *Request) (*Response, error) }
Timestamper stamps the time.
func NewHTTPTimestamper ¶
func NewHTTPTimestamper(rt http.RoundTripper, endpoint string) (Timestamper, error)
NewHTTPTimestamper creates a HTTP-based timestamper with the endpoint provided by the TSA. http.DefaultTransport is used if nil RoundTripper is passed.
Directories ¶
Path | Synopsis |
---|---|
Package timestamptest provides utilities for timestamp testing
|
Package timestamptest provides utilities for timestamp testing |