timestamp

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 31, 2025 License: Apache-2.0, MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var DefaultHTTPClient = HTTPClient(http.DefaultClient)

DefaultHTTPClient is the HTTP client used for fetching timestamps. This variable may be changed to modify HTTP behavior (eg. add timeouts).

Functions

func GenerateNonce 

func GenerateNonce() *big.Int

GenerateNonce generates a new nonce for this TSR.

Types

type Accuracy 

type Accuracy struct {
	Seconds int `asn1:"optional"`
	Millis  int `asn1:"tag:0,optional"`
	Micros  int `asn1:"tag:1,optional"`
}
Accuracy ::= SEQUENCE {
  seconds        INTEGER              OPTIONAL,
  millis     [0] INTEGER  (1..999)    OPTIONAL,
  micros     [1] INTEGER  (1..999)    OPTIONAL  }

func (Accuracy) Duration 

func (a Accuracy) Duration() time.Duration

Duration returns this Accuracy as a time.Duration.

type HTTPClient 

type HTTPClient interface {
	Do(*http.Request) (*http.Response, error)
}

HTTPClient is an interface for *http.Client, allowing callers to customize HTTP behavior.

type Info 

type Info struct {
	Version        int
	Policy         asn1.ObjectIdentifier
	MessageImprint MessageImprint
	SerialNumber   *big.Int
	GenTime        time.Time        `asn1:"generalized"`
	Accuracy       Accuracy         `asn1:"optional"`
	Ordering       bool             `asn1:"optional,default:false"`
	Nonce          *big.Int         `asn1:"optional"`
	TSA            asn1.RawValue    `asn1:"tag:0,optional"`
	Extensions     []pkix.Extension `asn1:"tag:1,optional"`
}

Info is a TSTInfo 

TSTInfo ::= SEQUENCE  {
  version                      INTEGER  { v1(1) },
  policy                       TSAPolicyId,
  messageImprint               MessageImprint,
    -- MUST have the same value as the similar field in
    -- TimeStampReq
  serialNumber                 INTEGER,
    -- Time-Stamping users MUST be ready to accommodate integers
    -- up to 160 bits.
  genTime                      GeneralizedTime,
  accuracy                     Accuracy                 OPTIONAL,
  ordering                     BOOLEAN             DEFAULT FALSE,
  nonce                        INTEGER                  OPTIONAL,
    -- MUST be present if the similar field was present
    -- in TimeStampReq.  In that case it MUST have the same value.
  tsa                          [0] GeneralName          OPTIONAL,
  extensions                   [1] IMPLICIT Extensions   OPTIONAL  }

TSAPolicyId ::= OBJECT IDENTIFIER

func ParseInfo 

func ParseInfo(eci protocol.EncapsulatedContentInfo) (Info, error)

ParseInfo parses an Info out of a CMS EncapsulatedContentInfo.

func (*Info) After 

func (i *Info) After(t time.Time) bool

After checks if the earlier time the signature could have been generated at is before the specified time. For example, you might check that a signature was made *after* a certificate's not-before date.

func (*Info) Before 

func (i *Info) Before(t time.Time) bool

Before checks if the latest time the signature could have been generated at is before the specified time. For example, you might check that a signature was made *before* a certificate's not-after date.

type MessageImprint 

type MessageImprint struct {
	HashAlgorithm pkix.AlgorithmIdentifier
	HashedMessage []byte
}
MessageImprint ::= SEQUENCE  {
  hashAlgorithm                AlgorithmIdentifier,
  hashedMessage                OCTET STRING  }

func NewMessageImprint 

func NewMessageImprint(hash crypto.Hash, r io.Reader) (MessageImprint, error)

NewMessageImprint creates a new MessageImprint, digesting all bytes from the provided reader using the specified hash.

func (MessageImprint) Equal 

func (mi MessageImprint) Equal(other MessageImprint) bool

Equal checks if this MessageImprint is identical to another MessageImprint.

func (MessageImprint) Hash 

func (mi MessageImprint) Hash() (crypto.Hash, error)

Hash gets the crypto.Hash associated with this SignerInfo's DigestAlgorithm. 0 is returned for unrecognized algorithms.

type PKIFreeText 

type PKIFreeText []asn1.RawValue

PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String

func (PKIFreeText) Append 

func (ft PKIFreeText) Append(t string) PKIFreeText

Append returns a new copy of the PKIFreeText with the provided string appended.

func (PKIFreeText) Strings 

func (ft PKIFreeText) Strings() ([]string, error)

Strings decodes the PKIFreeText into a []string.

type PKIStatusInfo 

type PKIStatusInfo struct {
	Status       int
	StatusString PKIFreeText    `asn1:"optional"`
	FailInfo     asn1.BitString `asn1:"optional"`
}
PKIStatusInfo ::= SEQUENCE {
	status        PKIStatus,
	statusString  PKIFreeText     OPTIONAL,
	failInfo      PKIFailureInfo  OPTIONAL  }

PKIStatus ::= INTEGER {
	granted                (0),
		-- when the PKIStatus contains the value zero a TimeStampToken, as
		requested, is present.
	grantedWithMods        (1),
		-- when the PKIStatus contains the value one a TimeStampToken,
		with modifications, is present.
	rejection              (2),
	waiting                (3),
	revocationWarning      (4),
		-- this message contains a warning that a revocation is
		-- imminent
	revocationNotification (5)
		-- notification that a revocation has occurred   }

-- When the TimeStampToken is not present -- failInfo indicates the reason why the -- time-stamp request was rejected and -- may be one of the following values. 

PKIFailureInfo ::= BIT STRING {
	badAlg               (0),
		-- unrecognized or unsupported Algorithm Identifier
	badRequest           (2),
		-- transaction not permitted or supported
	badDataFormat        (5),
		-- the data submitted has the wrong format
	timeNotAvailable    (14),
		-- the TSA's time source is not available
	unacceptedPolicy    (15),
		-- the requested TSA policy is not supported by the TSA.
	unacceptedExtension (16),
		-- the requested extension is not supported by the TSA.
	addInfoNotAvailable (17)
		-- the additional information requested could not be understood
		-- or is not available
	systemFailure       (25)
		-- the request cannot be handled due to system failure  }

func (PKIStatusInfo) Error 

func (si PKIStatusInfo) Error() string

Error implements the error interface.

func (PKIStatusInfo) GetError 

func (si PKIStatusInfo) GetError() error

Error represents an unsuccessful PKIStatusInfo as an error.

type Request 

type Request struct {
	Version        int
	MessageImprint MessageImprint
	ReqPolicy      asn1.ObjectIdentifier `asn1:"optional"`
	Nonce          *big.Int              `asn1:"optional"`
	CertReq        bool                  `asn1:"optional,default:false"`
	Extensions     []pkix.Extension      `asn1:"tag:1,optional"`
}

Request is a TimeStampReq 

TimeStampReq ::= SEQUENCE  {
	version                      INTEGER  { v1(1) },
	messageImprint               MessageImprint,
		--a hash algorithm OID and the hash value of the data to be
		--time-stamped
	reqPolicy             TSAPolicyId              OPTIONAL,
	nonce                 INTEGER                  OPTIONAL,
	certReq               BOOLEAN                  DEFAULT FALSE,
	extensions            [0] IMPLICIT Extensions  OPTIONAL  }

func (Request) Do 

func (req Request) Do(url string) (Response, error)

Do sends this timestamp request to the specified timestamp service, returning the parsed response. The timestamp.HTTPClient is used to make the request and HTTP behavior can be modified by changing that variable.

func (Request) Matches 

func (req Request) Matches(tsti Info) bool

Matches checks if the MessageImprint and Nonce from a responsee match those of the request.

type Response 

type Response struct {
	Status         PKIStatusInfo
	TimeStampToken protocol.ContentInfo `asn1:"optional"`
}

Response is a TimeStampResp 

TimeStampResp ::= SEQUENCE  {
	status                  PKIStatusInfo,
	timeStampToken          TimeStampToken     OPTIONAL  }

TimeStampToken ::= ContentInfo

func ParseResponse 

func ParseResponse(ber []byte) (Response, error)

ParseResponse parses a BER encoded TimeStampResp.

func (Response) Info 

func (r Response) Info() (Info, error)

Info gets an Info from the response, doing no validation of the SignedData.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.