verifier

package
v1.93.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 16, 2026 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ErrTSAResponseInvalid indicates the RFC3161 timestamp response could not
	// be verified against the TSA certificate chain.
	ErrTSAResponseInvalid = errors.New("TSA response verification failed")

	// ErrTimestampOutsideTSAValidity indicates the timestamp's time falls
	// outside the TSA certificate's NotBefore/NotAfter window.
	ErrTimestampOutsideTSAValidity = errors.New("timestamp outside TSA certificate validity window")

	// ErrSigningCertNotValidAtTimestamp indicates the signing certificate
	// was not valid at the timestamp's time.
	ErrSigningCertNotValidAtTimestamp = errors.New("signing certificate not valid at timestamp time")

	// ErrNoTSARootsConfigured indicates the bundle contains signed timestamps
	// but no TSA trust roots are configured on the server.
	ErrNoTSARootsConfigured = errors.New("no TSA trust roots configured")
)
View Source 
var ErrInvalidBundle = errors.New("invalid bundle")
View Source 
var ErrMissingVerificationMaterial = errors.New("missing material")

Functions

func VerifyBundle 

func VerifyBundle(ctx context.Context, bundleBytes []byte, tr *TrustedRoot) error

func VerifyTimestamps added in v0.170.0 

func VerifyTimestamps(sb *bundle.Bundle, tr *TrustedRoot) error

Types

type TrustedRoot 

type TrustedRoot struct {
	// map key identifiers to a chain of certificates
	Keys                 map[string][]*x509.Certificate
	TimestampAuthorities map[string][]*x509.Certificate
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.