...

Source file src/github.com/sassoftware/relic/lib/pkcs9/structs.go

Documentation: github.com/sassoftware/relic/lib/pkcs9

     1  //
     2  // Copyright (c) SAS Institute Inc.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  //
    16  
    17  // PKCS#9 is a specification for trusted timestamping. Timestamping services
    18  // create a timestamp token which includes a known-good timestamp with a
    19  // signature over it. The token can be attached to a document to prove that it
    20  // existed at the indicated time. When attached to a PKCS#7 signedData
    21  // structure, the timestamp proves that the primary signature was created
    22  // during the valid lifespan of the signing certificate, allowing it to be
    23  // validated after the certificates have expired.
    24  //
    25  // See RFC 3161
    26  package pkcs9
    27  
    28  import (
    29  	"crypto/x509/pkix"
    30  	"encoding/asn1"
    31  	"math/big"
    32  	"time"
    33  
    34  	"github.com/sassoftware/relic/lib/pkcs7"
    35  )
    36  
// PKIStatus values carried in PKIStatusInfo.Status (RFC 3161 section 2.4.2).
// Only StatusGranted and StatusGrantedWithMods accompany a timestamp token;
// every other value means the request was not fulfilled and the response
// must not be treated as proof of a timestamp.
const (
	StatusGranted = iota
	StatusGrantedWithMods
	StatusRejection
	StatusWaiting
	StatusRevocationWarning
	StatusRevocationNotification
)

// PKIFailureInfo bit positions (RFC 3161 section 2.4.2). These are bit
// indexes into PKIStatusInfo.FailInfo, not masks: test them with
// FailInfo.At(FailureBadAlg) rather than with a bitwise AND.
const (
	FailureBadAlg              = 0
	FailureBadRequest          = 2
	FailureBadDataFormat       = 5
	FailureTimeNotAvailable    = 14
	FailureUnacceptedPolicy    = 15
	FailureUnacceptedExtension = 16
	FailureAddInfoNotAvailable = 17
	SystemFailure              = 25
)
    54  
// Object identifiers used by RFC 3161 timestamping and PKCS#9 attributes.
var (
	// OidKeyPurposeTimeStamping is the id-kp-timeStamping extended key usage.
	// A verifier should require it on the certificate that signed a token;
	// a certificate issued for another purpose is not a valid TSA.
	OidKeyPurposeTimeStamping = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 8}

	// OidTSTInfo is the content type of the TSTInfo structure carried
	// inside a timestamp token.
	OidTSTInfo = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 16, 1, 4}

	// OidAttributeTimeStampToken is the attribute under which an RFC 3161
	// token is attached to a signature.
	OidAttributeTimeStampToken = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 16, 2, 14}

	// OidAttributeCounterSign is the PKCS#9 counterSignature attribute.
	OidAttributeCounterSign = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 6}
)

// Object identifiers from the Microsoft arc (1.3.6.1.4.1.311) that appear in
// Authenticode timestamping.
var (
	OidSpcTimeStampRequest = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 3, 2, 1}

	// OidSpcTimeStampToken is an undocumented(?) alternative to
	// OidAttributeTimeStampToken found in Authenticode signatures.
	OidSpcTimeStampToken = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 3, 3, 1}
)
    65  
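// TimeStampReq is the RFC 3161 TimeStampReq message sent to a timestamping
// authority (TSA).
type TimeStampReq struct {
	// Version is the request format version.
	Version int

	// MessageImprint is the digest of the data to be timestamped.
	MessageImprint MessageImprint

	// ReqPolicy optionally names the TSA policy the requester wants applied.
	ReqPolicy asn1.ObjectIdentifier `asn1:"optional"`

	// Nonce, when set, is echoed by the TSA in TSTInfo.Nonce. The requester
	// should compare the two so that a replayed or substituted response is
	// detected.
	Nonce *big.Int `asn1:"optional"`

	// CertReq asks the TSA to include its signing certificate in the token.
	//
	// The field is certReq BOOLEAN DEFAULT FALSE in RFC 3161, so DER omits
	// it when false. encoding/asn1 only understands "default:" for integer
	// values; a "default:false" tag is silently ignored, which makes the
	// field mandatory on decode and emits an explicit FALSE on encode.
	// "optional" gives the intended behaviour in both directions.
	CertReq bool `asn1:"optional"`

	// Extensions holds optional request extensions, tagged [0].
	Extensions []pkix.Extension `asn1:"optional,implicit,tag:0"`
}

// MessageImprint pairs a hash algorithm with the digest computed using it.
//
// When verifying a token, recompute the digest over the data being checked
// and compare it with HashedMessage; also confirm that HashAlgorithm is one
// the verifier is willing to accept. A token whose imprint does not match
// says nothing about the data at hand.
type MessageImprint struct {
	HashAlgorithm pkix.AlgorithmIdentifier
	HashedMessage []byte
}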
    79  
// TimeStampResp is the RFC 3161 TimeStampResp message returned by a
// timestamping authority.
type TimeStampResp struct {
	// Status reports whether the request was granted.
	Status PKIStatusInfo

	// TimeStampToken is the signed token. The field is optional, so a
	// response that carries no token still decodes without error and leaves
	// this at its zero value; check Status.Status before using it, and
	// verify the token's signature before trusting anything inside it.
	TimeStampToken pkcs7.ContentInfoSignedData `asn1:"optional"`
}
    84  
// PKIStatusInfo is the status portion of a timestamp response.
type PKIStatusInfo struct {
	// Status is one of the Status* constants.
	Status int

	// StatusString is optional free text from the server. It is not covered
	// by the token's signature and should be treated as untrusted input
	// when logged or displayed.
	StatusString []string `asn1:"optional"`

	// FailInfo is a bit string indexed by the Failure* constants; query it
	// with FailInfo.At.
	FailInfo asn1.BitString `asn1:"optional"`
}
    90  
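// TSTInfo is the RFC 3161 TSTInfo structure, the signed content of a
// timestamp token.
//
// Nothing in it is trustworthy until the enclosing signature has been
// verified against a certificate that is valid for timestamping. After
// that, a verifier should still check that MessageImprint matches the data
// at hand and, when a nonce was sent, that Nonce equals it.
type TSTInfo struct {
	// Version is the token format version.
	Version int

	// Policy identifies the TSA policy under which the token was issued.
	Policy asn1.ObjectIdentifier

	// MessageImprint is the digest that was timestamped.
	MessageImprint MessageImprint

	// SerialNumber is assigned to the token by the TSA.
	SerialNumber *big.Int

	// GenTime is the time asserted by the TSA. RFC 3161 defines genTime as
	// GeneralizedTime; without the "generalized" tag encoding/asn1 would
	// encode years 1950-2049 as UTCTime. Decoding accepts either form.
	// NOTE(review): RFC 3161 allows fractional seconds in genTime; confirm
	// that such tokens decode into time.Time with the Go version in use.
	GenTime time.Time `asn1:"generalized"`

	// Accuracy optionally bounds the deviation of GenTime.
	Accuracy Accuracy `asn1:"optional"`

	// Ordering is the RFC 3161 ordering flag. "default:false" has no effect
	// on a bool in encoding/asn1; "optional" alone makes the field
	// omissible.
	Ordering bool `asn1:"optional,default:false"`

	// Nonce echoes TimeStampReq.Nonce when the request carried one.
	Nonce *big.Int `asn1:"optional"`

	// TSA is an optional hint naming the authority, tagged [0]. It is data
	// supplied by the token, not an authenticated identity; the signer's
	// validated certificate is what identifies the TSA.
	TSA GeneralName `asn1:"optional,implicit,tag:0"`

	// Extensions holds optional extensions, tagged [1].
	Extensions []pkix.Extension `asn1:"optional,implicit,tag:1"`
}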
   103  
// Accuracy is the RFC 3161 Accuracy structure: the deviation a TSA claims
// for the time in TSTInfo.GenTime. Every component is optional, and an
// omitted component decodes as zero.
type Accuracy struct {
	// Seconds is the whole-second component.
	Seconds int `asn1:"optional"`

	// Millis is the millisecond component, tagged [0].
	Millis int `asn1:"optional,tag:0"`

	// Micros is the microsecond component, tagged [1].
	Micros int `asn1:"optional,tag:1"`
}
   109  
// GeneralName wraps a single undecoded GeneralName element (see RFC 3280).
//
// GeneralName is an ASN.1 CHOICE, so the [0] tag on TSTInfo.TSA is an
// explicit wrapper around it. Declaring this type as a one-field struct
// lets encoding/asn1 consume that wrapper and hand back the inner element
// untouched.
type GeneralName struct {
	// Value is the raw inner element. It is kept exactly as received and is
	// not validated here; callers that interpret it must parse it
	// defensively.
	Value asn1.RawValue
}
   114  
