package inspect
import (
"crypto/x509"
)
// DERCRLInfo parses der as a DER-encoded X.509 CRL found at loc and returns
// an Info describing it. When parsing fails, the returned Info is a *BadInfo
// that carries the parse error in Underlying.
//
// The CRL is only parsed here. No issuer certificate is consulted and the
// signature is not checked, so the reported contents are unauthenticated and
// should not be used for revocation decisions without separate verification.
func DERCRLInfo(loc string, der []byte) Info {
	parsed, parseErr := x509.ParseRevocationList(der)
	if parseErr == nil {
		return CRLInfo(loc, parsed)
	}

	// Report the failure as an Info value instead of an error so callers can
	// present bad inputs alongside good ones.
	bad := &BadInfo{
		Typ:        TypeX509CRL,
		Loc:        loc,
		Underlying: parseErr,
	}
	return bad
}
// CRLInfo wraps an already-parsed CRL found at loc in a *CRL.
//
// The returned value keeps the crl pointer rather than copying the list, so
// later changes the caller makes to crl are visible through it.
func CRLInfo(loc string, crl *x509.RevocationList) *CRL {
	info := new(CRL)
	info.Loc = loc
	info.CRL = crl
	return info
}
// CRL holds structured information about an X.509 certificate revocation
// list. It implements Info.
type CRL struct {
	// Loc is the location at which the CRL was encountered.
	Loc string

	// CRL is the parsed revocation list the sections are built from. It is
	// stored by reference, not copied.
	CRL *x509.RevocationList
}
// Type reports that this Info describes an X.509 CRL; it always returns
// TypeX509CRL.
func (crl *CRL) Type() Type {
	return TypeX509CRL
}
// Location returns the location at which the CRL was encountered, as stored
// in the Loc field.
func (crl *CRL) Location() string {
	return crl.Loc
}
// Info returns structured information about the CRL as three sections, in
// this order: metadata, issuer, and revoked certificates.
func (crl *CRL) Info() []Section {
	sections := make([]Section, 0, 3)
	sections = append(sections,
		crl.CRLSection(),
		crl.IssuerSection(),
		crl.RevocationSection(),
	)
	return sections
}
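// CRLSection returns metadata about the CRL itself: its CRL number (shown
// under the "Serial number" key) followed by its ThisUpdate and NextUpdate
// times.
//
// The values are read straight from the parsed structure. Nothing in this
// method checks the CRL's signature, so they are only as trustworthy as the
// source the CRL came from.
func (crl *CRL) CRLSection() Section {
	fields := make([]Field, 0, 3)

	// Number is a *big.Int that x509.ParseRevocationList only sets when the
	// CRL carries a CRL Number extension, and CRLInfo accepts any
	// caller-built list. Calling Bytes on a nil *big.Int panics, so a CRL
	// without the extension would crash the inspector. The field is omitted
	// instead, the same way IssuerSection omits an absent key ID.
	if num := crl.CRL.Number; num != nil {
		fields = append(fields, Field{
			Key:   "Serial number",
			Value: FormatHexBytes(num.Bytes()),
		})
	}

	fields = append(fields,
		Field{
			Key:   "Valid from",
			Value: crl.CRL.ThisUpdate,
		},
		// NOTE(review): nextUpdate is optional in a CRL, so this is
		// presumably the zero time when the field was absent. Confirm how
		// the renderer displays that.
		Field{
			Key:   "Valid until",
			Value: crl.CRL.NextUpdate,
		},
	)

	return Section{
		Title:  "Metadata",
		Fields: fields,
	}
}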
// IssuerSection returns the "Issuer" section. It starts with the issuer's
// common name as "Description", then holds whatever appendX509DNField adds
// for the issuer name, and ends with the authority key ID as "Key ID" when
// the CRL has one.
//
// The issuer name is taken from the CRL as parsed. This method does not tie
// it to any certificate or verify that the named issuer signed the CRL.
func (crl *CRL) IssuerSection() Section {
	issuer := crl.CRL.Issuer

	fields := appendX509DNField([]Field{
		{Key: "Description", Value: issuer.CommonName},
	}, issuer)

	// The authority key ID is optional, so it is shown only when present.
	if keyID := crl.CRL.AuthorityKeyId; len(keyID) != 0 {
		fields = append(fields, Field{
			Key:   "Key ID",
			Value: FormatHexBytes(keyID),
		})
	}

	return Section{Title: "Issuer", Fields: fields}
}
// RevocationSection returns the "Revoked certificates" section: the number
// of revoked entries as "Count" and their serial numbers, hex-formatted and
// in list order, as "Revoked".
//
// The entries are listed exactly as they appear in the CRL. Their presence
// says nothing about whether the CRL is authentic or current.
func (crl *CRL) RevocationSection() Section {
	// NOTE(review): RevokedCertificates is deprecated in newer Go releases in
	// favour of RevokedCertificateEntries. A list built with only the newer
	// field would show a count of zero here. Confirm against the module's Go
	// version before switching.
	entries := crl.CRL.RevokedCertificates

	serials := make([]string, 0, len(entries))
	for _, entry := range entries {
		serials = append(serials, FormatHexBytes(entry.SerialNumber.Bytes()))
	}

	countField := Field{Key: "Count", Value: len(serials)}
	listField := Field{Key: "Revoked", Value: serials}

	return Section{
		Title:  "Revoked certificates",
		Fields: []Field{countField, listField},
	}
}