mirror of https://github.com/golang/go synced 2024-11-14 21:20:27 -07:00
Commit Graph

1 Commits

Author SHA1 Message Date
Roland Shoemaker
2de2f6df64 crypto/x509: add new CRL parser, deprecate old one
Adds a new, cryptobyte based, CRL parser, which returns a
x509.RevocationList, rather than a pkix.CertificateList. This allows us
to return much more detailed information, as well as leaving open the
option of adding further information since RevocationList is not a
direct ASN.1 representation like pkix.CertificateList. Additionally
a new method is added to RevocationList, CheckSignatureFrom, which is
analogous to the method with the same name on Certificate, which
properly checks that the signature is from an issuing certificate.

This change also deprecates a number of older CRL related functions and
types, which have been replaced with the new functionality introduced
in this change:
  * crypto/x509.ParseCRL
  * crypto/x509.ParseDERCRL
  * crypto/x509.CheckCRLSignature
  * crypto/x509/pkix.CertificateList
  * crypto/x509/pkix.TBSCertificateList

Fixes #50674

Change-Id: I27dc219e39bef09a396e666b4fccaa32578fd913
Reviewed-on: https://go-review.googlesource.com/c/go/+/390834
Reviewed-by: Damien Neil <dneil@google.com>
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
2022-04-05 23:32:55 +00:00
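
The parse-then-verify flow the commit message describes, as an added example that is not part of the commit or the Go source tree: a CRL is parsed with `x509.ParseRevocationList` (the standard library name of the new parser since Go 1.19) and accepted only if `CheckSignatureFrom` succeeds against the expected issuer. The helpers `must`, `newCA`, `checkCRL` and `demo` are hypothetical names, and both CAs are throwaway Ed25519 test CAs constructed inline.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
// newCA builds a throwaway self-signed CA (constructed test data) that may sign CRLs.
func newCA(cn string) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // fails only if rand.Reader fails
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn}, SubjectKeyId: []byte(cn),
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key))
	return must(x509.ParseCertificate(der)), key
}
// checkCRL parses a DER CRL and returns a nil error only if issuer signed it.
func checkCRL(der []byte, issuer *x509.Certificate) (*x509.RevocationList, error) {
	rl, err := x509.ParseRevocationList(der)
	if err != nil {
		return nil, err
	}
	return rl, rl.CheckSignatureFrom(issuer)
}
// demo signs a CRL with CA "a", then checks it against "a" and the unrelated CA "b".
func demo() (revoked int, okA, okB bool) {
	caA, keyA := newCA("constructed-ca-a")
	caB, _ := newCA("constructed-ca-b")
	der := must(x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number: big.NewInt(1), ThisUpdate: time.Now(), NextUpdate: time.Now().Add(time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: big.NewInt(42), RevocationTime: time.Now()}},
	}, caA, keyA))
	rl, errA := checkCRL(der, caA)
	_, errB := checkCRL(der, caB)
	return len(rl.RevokedCertificates), errA == nil, errB == nil
}
func main() { fmt.Println(demo()) }
```

A revocation entry should be trusted only after `CheckSignatureFrom` returns nil for the issuer the caller expects; a successful parse alone says nothing about who produced the list.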