Overview ¶
Package timestamp generates timestamping requests to TSA servers, and fetches the responses according to RFC 3161.
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Accuracy ¶
// Accuracy mirrors the ASN.1 Accuracy SEQUENCE of RFC 3161. It is the type of
// the optional TSTInfo.Accuracy field. All three components are optional.
type Accuracy struct {
// Seconds is the optional seconds component.
Seconds int `asn1:"optional"`
// Milliseconds is the optional [0]-tagged component; the ASN.1 definition
// restricts it to 1..999.
Milliseconds int `asn1:"optional,tag:0"`
// Microseconds is the optional [1]-tagged component; the ASN.1 definition
// restricts it to 1..999.
// NOTE(review): the struct tags carry no range constraint, so the 1..999
// bounds are not expressed in this type; confirm where, if anywhere, they
// are checked on values decoded from a TSA response.
Microseconds int `asn1:"optional,tag:1"`
}
Accuracy ::= SEQUENCE {
seconds INTEGER OPTIONAL,
millis [0] INTEGER (1..999) OPTIONAL,
micros [1] INTEGER (1..999) OPTIONAL }
type MalformedRequestError ¶
// MalformedRequestError is the error type used when a timestamping request is
// malformed. Its Error method makes it usable as an error value.
type MalformedRequestError struct {
// contains filtered or unexported fields
}
MalformedRequestError is used when a timestamping request is malformed.
func (MalformedRequestError) Error ¶
func (e MalformedRequestError) Error() string
type MessageImprint ¶
// MessageImprint contains the hash of the datum to be time-stamped, matching
// the ASN.1 MessageImprint SEQUENCE.
type MessageImprint struct {
// HashAlgorithm is the hashAlgorithm AlgorithmIdentifier of the imprint.
HashAlgorithm pkix.AlgorithmIdentifier
// HashedMessage is the hashedMessage OCTET STRING, i.e. the digest bytes.
// NOTE(review): nothing in this type ties len(HashedMessage) to the digest
// size of HashAlgorithm; confirm that the length is checked where imprints
// are built or compared.
HashedMessage []byte
}
MessageImprint contains the hash of the datum to be time-stamped.
MessageImprint ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashedMessage OCTET STRING }
type Request ¶
// Request is a time-stamping request (ASN.1 TimeStampReq). Fields are declared
// in the order of the ASN.1 SEQUENCE.
type Request struct {
Version int // fixed to 1 as defined in RFC 3161 2.4.1 Request Format
// MessageImprint carries the hash of the datum to be time-stamped.
MessageImprint MessageImprint
// ReqPolicy is the optional reqPolicy TSA policy identifier.
ReqPolicy asn1.ObjectIdentifier `asn1:"optional"`
// Nonce is the optional request nonce. RFC 3161 has the TSA echo it in the
// token so that a client can match a response to its own request.
// NOTE(review): this page does not show whether NewRequest sets a nonce or
// whether any Verify method compares it with TSTInfo.Nonce; confirm before
// relying on it for replay detection.
Nonce *big.Int `asn1:"optional"`
// CertReq is the certReq flag (DEFAULT FALSE). Per RFC 3161 it asks the TSA
// to include its signing certificate in the response.
CertReq bool `asn1:"optional,default:false"`
// Extensions is the optional [0]-tagged extensions field.
Extensions []pkix.Extension `asn1:"optional,tag:0"`
}
Request is a time-stamping request.
TimeStampReq ::= SEQUENCE {
version INTEGER { v1(1) },
messageImprint MessageImprint,
reqPolicy TSAPolicyID OPTIONAL,
nonce INTEGER OPTIONAL,
certReq BOOLEAN DEFAULT FALSE,
extensions [0] IMPLICIT Extensions OPTIONAL }
func NewRequest ¶
NewRequest creates a request based on the given digest and hash algorithm.
func NewRequestFromContent ¶
NewRequestFromContent creates a request based on the given data and hash algorithm.
func (*Request) MarshalBinary ¶
MarshalBinary encodes the request to binary form. This method implements encoding.BinaryMarshaler
func (*Request) UnmarshalBinary ¶
UnmarshalBinary decodes the request from binary form. This method implements encoding.BinaryUnmarshaler
type Response ¶
// Response is a time-stamping response (ASN.1 TimeStampResp).
type Response struct {
// Status is the PKIStatusInfo returned by the TSA.
Status pki.StatusInfo
// TimeStampToken is the token, kept as a raw ASN.1 value. It is optional in
// the ASN.1 definition, so a response can carry a status without a token.
// The raw value is not a verified token: the method documentation directs
// callers to obtain a SignedToken and invoke Verify before using it.
TimeStampToken asn1.RawValue `asn1:"optional"`
}
Response is a time-stamping response.
TimeStampResp ::= SEQUENCE {
status PKIStatusInfo,
timeStampToken TimeStampToken OPTIONAL }
func (*Response) MarshalBinary ¶
MarshalBinary encodes the response to binary form. This method implements encoding.BinaryMarshaler
func (*Response) SignedToken ¶
func (r *Response) SignedToken() (*SignedToken, error)
SignedToken returns the timestamp token with signatures. Callers should invoke Verify on the returned token to verify its content before consumption.
func (*Response) TokenBytes ¶
TokenBytes returns the bytes of the timestamp token.
func (*Response) UnmarshalBinary ¶
UnmarshalBinary decodes the response from binary form. This method implements encoding.BinaryUnmarshaler
type SignedToken ¶
// SignedToken is a parsed timestamp token with signatures, defined on top of
// cms.ParsedSignedData. ParseSignedToken is documented as parsing without
// verification, so a SignedToken is not trustworthy until Verify has succeeded.
type SignedToken cms.ParsedSignedData
SignedToken is a parsed timestamp token with signatures.
func ParseSignedToken ¶
func ParseSignedToken(data []byte) (*SignedToken, error)
ParseSignedToken parses an ASN.1 BER-encoded structure into a SignedToken without verifying it. Callers should invoke Verify to verify the content before consumption.
func (*SignedToken) Info ¶
func (t *SignedToken) Info() (*TSTInfo, error)
Info returns the timestamping information.
func (*SignedToken) Verify ¶
func (t *SignedToken) Verify(opts x509.VerifyOptions) ([]*x509.Certificate, error)
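Verify verifies the signed token as CMS SignedData. An empty list of KeyUsages in VerifyOptions implies ExtKeyUsageTimeStamping. Verifying the CMS signature does not by itself show that the token covers a particular datum; to check that, obtain the TSTInfo with Info and call its Verify or VerifyContent method.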
type TSTInfo ¶
// TSTInfo is the timestamp token information (ASN.1 TSTInfo). Fields are
// declared in the order of the ASN.1 SEQUENCE.
type TSTInfo struct {
Version int // fixed to 1 as defined in RFC 3161 2.4.2 Response Format
// Policy is the TSA policy identifier (policy TSAPolicyId).
Policy asn1.ObjectIdentifier
// MessageImprint is the imprint the token covers. The Verify and
// VerifyContent methods are documented as checking a digest or message
// against this token information.
MessageImprint MessageImprint
// SerialNumber is the serialNumber INTEGER of the token.
SerialNumber *big.Int
// GenTime is the genTime field, encoded as ASN.1 GeneralizedTime.
GenTime time.Time `asn1:"generalized"`
// Accuracy is the optional accuracy field.
Accuracy Accuracy `asn1:"optional"`
// Ordering is the ordering flag (DEFAULT FALSE).
Ordering bool `asn1:"optional,default:false"`
// Nonce is the optional nonce. RFC 3161 requires it to equal the request
// nonce when the request carried one.
// NOTE(review): the Verify and VerifyContent documentation mentions only
// the message digest; confirm whether the nonce is compared anywhere, or
// whether callers must compare it with Request.Nonce themselves.
Nonce *big.Int `asn1:"optional"`
// TSA is the optional [0]-tagged GeneralName of the TSA, kept as a raw
// ASN.1 value.
TSA asn1.RawValue `asn1:"optional,tag:0"`
// Extensions is the optional [1]-tagged extensions field.
Extensions []pkix.Extension `asn1:"optional,tag:1"`
}
TSTInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
messageImprint MessageImprint,
serialNumber INTEGER,
genTime GeneralizedTime,
accuracy Accuracy OPTIONAL,
ordering BOOLEAN DEFAULT FALSE,
nonce INTEGER OPTIONAL,
tsa [0] GeneralName OPTIONAL,
extensions [1] IMPLICIT Extensions OPTIONAL }
func (*TSTInfo) Verify ¶
Verify verifies the message digest against the timestamp token information.
func (*TSTInfo) VerifyContent ¶
VerifyContent verifies the message against the timestamp token information.
type Timestamper ¶
// Timestamper stamps the time: an implementation takes a Request and returns
// the Response for it.
type Timestamper interface {
// Timestamp stamps the time with the given request.
// NOTE(review): nothing in this signature says the returned Response has
// been verified; treat it as untrusted until the token's Verify succeeds
// and the TSTInfo has been checked against the expected digest.
Timestamp(context.Context, *Request) (*Response, error)
}
Timestamper stamps the time.
func NewHTTPTimestamper ¶
func NewHTTPTimestamper(rt http.RoundTripper, endpoint string) (Timestamper, error)
NewHTTPTimestamper creates an HTTP-based timestamper with the endpoint provided by the TSA. http.DefaultTransport is used if a nil RoundTripper is passed.
Directories
¶
| Path | Synopsis |
|---|---|
| timestamptest | Package timestamptest provides utilities for timestamp testing |