func NewTimestampRequest(body io.Reader, opts *timestamp.RequestOptions) (*timestamp.Request, error)
NewTimestampRequest returns a new timestamp request based on the specified options.
CRLClient represents a CRL (Certificate revocation list) client. It is used to request revocation data from CRL servers.
type CRLClient struct { // HTTPClient is the HTTP client used to make CRL requests. // By default, an HTTP client with a 5 second timeout per request is used. HTTPClient *http.Client }
func NewCRLClient() *CRLClient
NewCRLClient returns a new CRL client.
func (c *CRLClient) MakeRequest(serverURL string, cert *x509.Certificate) ([]byte, error)
MakeRequest makes a CRL request to the specified server and returns the response. If a server URL is not provided, it is extracted from the certificate.
CertClient represents a X.509 certificate client. Its primary purpose is to download certificates.
type CertClient struct { // HTTPClient is the HTTP client used to make certificate requests. // By default, an HTTP client with a 5 second timeout per request is used. HTTPClient *http.Client }
func NewCertClient() *CertClient
NewCertClient returns a new certificate client.
func (c *CertClient) Get(url string) (*x509.Certificate, error)
Get retrieves the certificate at the specified URL.
func (c *CertClient) GetIssuer(cert *x509.Certificate) (*x509.Certificate, error)
GetIssuer retrieves the issuer of the provided certificate.
func (c *CertClient) IsCA(cert *x509.Certificate) bool
IsCA returns true if the provided certificate appears to be a CA certificate.
OCSPClient represents a OCSP (Online Certificate Status Protocol) client. It is used to request revocation data from OCSP servers.
type OCSPClient struct { // HTTPClient is the HTTP client used to make OCSP requests. // By default, an HTTP client with a 5 second timeout per request is used. HTTPClient *http.Client // Hash is the hash function used when constructing the OCSP // requests. If zero, SHA-1 will be used. Hash crypto.Hash }
func NewOCSPClient() *OCSPClient
NewOCSPClient returns a new OCSP client.
func (c *OCSPClient) MakeRequest(serverURL string, cert, issuer *x509.Certificate) (*ocsp.Response, []byte, error)
MakeRequest makes a OCSP request to the specified server and returns the parsed and raw responses. If a server URL is not provided, it is extracted from the certificate.
TimestampClient represents a RFC 3161 timestamp client. It is used to obtain signed tokens from timestamp authority servers.
type TimestampClient struct { // HTTPClient is the HTTP client used to make timestamp requests. // By default, an HTTP client with a 5 second timeout per request is used. HTTPClient *http.Client }
func NewTimestampClient() *TimestampClient
NewTimestampClient returns a new timestamp client.
func (c *TimestampClient) GetEncodedToken(serverURL string, req *timestamp.Request) ([]byte, error)
GetEncodedToken executes the timestamp request and returns the DER encoded timestamp token bytes.