author: Aaron Gable <aaron@letsencrypt.org> 2023-02-15 14:25:34 -0800
committer: Roland Shoemaker <roland@golang.org> 2023-03-13 20:25:37 +0000
commit: 82c713feb05da594567631972082af2fcba0ee4f
tree: 233f9b33abf8aecdd5c57a09cdb0a5e15a025882 /api
parent: 7c019c62fb32db42e946b15763217518a521404e
crypto/x509: surface ReasonCode in RevocationList API
Creates x509.RevocationListEntry, a new type representing a single revoked certificate entry in a CRL. Like the existing Certificate and RevocationList types, this new type has a field for its Raw bytes, and exposes its most-commonly-used extension (ReasonCode) as a top-level field. This provides more functionality to the user than the existing pkix.RevokedCertificate type.

Adds a RevokedCertificateEntries field which is a []RevocationListEntry to RevocationList. This field deprecates the RevokedCertificates field. When the RevokedCertificates field is removed in a future release, this will remove one of the last places where a pkix type is directly exposed in the x509 package API.

Updates the ParseRevocationList function to populate both fields for now, and updates the CreateRevocationList function to prefer the new field if it is populated, but use the deprecated field if not.

Finally, also updates the x509 unit tests to use the new .ReasonCode field in most cases.

Fixes #53573

Change-Id: Ia6de171802a5bd251938366508532e806772d7d8
Reviewed-on: https://go-review.googlesource.com/c/go/+/468875
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Diffstat (limited to 'api')
-rw-r--r-- api/next/53573.txt 9
1 files changed, 9 insertions, 0 deletions
diff --git a/api/next/53573.txt b/api/next/53573.txt
new file mode 100644
index 0000000000..a3719216d0
--- /dev/null
+++ b/api/next/53573.txt
@@ -0,0 +1,9 @@
+pkg crypto/x509, type RevocationList struct, RevokedCertificateEntries []RevocationListEntry #53573
+pkg crypto/x509, type RevocationList struct, RevokedCertificates //deprecated #53573
+pkg crypto/x509, type RevocationListEntry struct #53573
+pkg crypto/x509, type RevocationListEntry struct, Extensions []pkix.Extension #53573
+pkg crypto/x509, type RevocationListEntry struct, ExtraExtensions []pkix.Extension #53573
+pkg crypto/x509, type RevocationListEntry struct, Raw []uint8 #53573
+pkg crypto/x509, type RevocationListEntry struct, ReasonCode int #53573
+pkg crypto/x509, type RevocationListEntry struct, RevocationTime time.Time #53573
+pkg crypto/x509, type RevocationListEntry struct, SerialNumber *big.Int #53573
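Review bot: `ReasonCode int` on RevocationListEntry has a zero value of 0, which is also the RFC 5280 `unspecified` reason, so from the type alone a caller reading a parsed entry cannot tell an absent reasonCode extension from an explicit 0, and a caller building an entry cannot tell whether 0 is encoded or omitted. The field documentation should state both behaviours. Separately, RevocationList now carries both `RevokedCertificateEntries` and the deprecated `RevokedCertificates`, and the commit message says CreateRevocationList prefers the new field when it is populated. That precedence should be spelled out in the CreateRevocationList documentation, because a caller who fills both fields with different contents would otherwise issue a CRL that silently omits the entries supplied only through the deprecated field.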