rsa/pkg/inspect/crl.go


2023-03-01 21:28:48 +00:00
package inspect
import (
"crypto/x509"
)
// DERCRLInfo parses der as a DER-encoded X.509 CRL found at loc. On success
// it returns the *CRL built by CRLInfo; on a parse failure it returns a
// *BadInfo of type TypeX509CRL that carries loc and the parse error.
//
// This function only parses. It does not check the CRL's signature, so every
// field reported for the result is unauthenticated data taken from the input;
// callers that need to trust it should verify the list against the issuer
// (x509.RevocationList.CheckSignatureFrom) themselves.
func DERCRLInfo(loc string, der []byte) Info {
	parsed, parseErr := x509.ParseRevocationList(der)
	if parseErr == nil {
		return CRLInfo(loc, parsed)
	}

	return &BadInfo{Typ: TypeX509CRL, Loc: loc, Underlying: parseErr}
}
// CRLInfo wraps an already-parsed CRL found at loc. The returned value keeps
// the crl pointer rather than copying the list, so later changes to *crl are
// visible through it. crl is stored as given, without a nil check.
func CRLInfo(loc string, crl *x509.RevocationList) *CRL {
	info := new(CRL)
	info.Loc = loc
	info.CRL = crl
	return info
}
// CRL holds structured information about a CRL. It implements Info.
type CRL struct {
	// Loc is the location the CRL was encountered.
	Loc string
	// CRL is the parsed revocation list. The methods on this type
	// dereference it without a nil check.
	CRL *x509.RevocationList
}
// Type indicates this is an X.509 CRL.
func (crl *CRL) Type() Type {
	return TypeX509CRL
}
// Location returns the location data stored in Loc.
func (crl *CRL) Location() string {
	return crl.Loc
}
// Info returns structured information about the CRL as three sections, in
// order: metadata, issuer, and the revoked certificates.
func (crl *CRL) Info() []Section {
	sections := make([]Section, 0, 3)
	sections = append(sections,
		crl.CRLSection(),
		crl.IssuerSection(),
		crl.RevocationSection(),
	)
	return sections
}
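// CRLSection returns metadata about the CRL itself: its number (shown under
// the key "Serial number") and the ThisUpdate / NextUpdate times.
//
// The values are reported as found in the list; nothing here checks the CRL's
// signature or whether the current time lies inside the update window.
func (crl *CRL) CRLSection() Section {
	fields := make([]Field, 0, 3)

	// Number is filled from the optional CRL Number extension, so a parsed
	// list that lacks the extension leaves it nil. Calling Bytes on a nil
	// *big.Int panics, which would let a crafted input crash the inspector;
	// omit the field instead, as IssuerSection does for a missing key ID.
	if num := crl.CRL.Number; num != nil {
		fields = append(fields, Field{
			Key:   "Serial number",
			Value: FormatHexBytes(num.Bytes()),
		})
	}

	fields = append(fields,
		Field{
			Key:   "Valid from",
			Value: crl.CRL.ThisUpdate,
		},
		Field{
			// NOTE(review): NextUpdate appears to be optional when parsing,
			// in which case this shows the zero time — confirm how that
			// should be rendered.
			Key:   "Valid until",
			Value: crl.CRL.NextUpdate,
		},
	)

	return Section{
		Title:  "Metadata",
		Fields: fields,
	}
}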
// IssuerSection returns the issuer details recorded in the CRL: the issuer's
// common name as "Description", whatever appendX509DNField adds for the
// distinguished name, and the authority key ID when one is present.
//
// These values are read from the CRL's own contents; this method does not
// establish that the named issuer actually signed the list.
func (crl *CRL) IssuerSection() Section {
	issuer := crl.CRL.Issuer

	fields := appendX509DNField([]Field{
		{Key: "Description", Value: issuer.CommonName},
	}, issuer)

	// The key ID is only shown when the list carries one.
	if keyID := crl.CRL.AuthorityKeyId; len(keyID) != 0 {
		fields = append(fields, Field{
			Key:   "Key ID",
			Value: FormatHexBytes(keyID),
		})
	}

	return Section{Title: "Issuer", Fields: fields}
}
// RevocationSection lists the revoked certificates: a "Count" field with the
// number of entries and a "Revoked" field holding each entry's serial number
// formatted by FormatHexBytes, in the order they appear in the list.
//
// Each entry's SerialNumber is dereferenced without a nil check.
func (crl *CRL) RevocationSection() Section {
	entries := crl.CRL.RevokedCertificates

	serials := make([]string, 0, len(entries))
	for _, entry := range entries {
		serials = append(serials, FormatHexBytes(entry.SerialNumber.Bytes()))
	}

	countField := Field{Key: "Count", Value: len(serials)}
	listField := Field{Key: "Revoked", Value: serials}

	return Section{
		Title:  "Revoked certificates",
		Fields: []Field{countField, listField},
	}
}