// Copyright The Notary Project Authors.
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// Package result provides general objects that are used across revocation
package result

import "strconv"

// Result is a type of enumerated value to help characterize errors. It can be
// OK, Unknown, or Revoked
type Result int

const (
	// ResultUnknown is a Result that indicates that some error other than a
	// revocation was encountered during the revocation check
	ResultUnknown Result = iota
	// ResultOK is a Result that indicates that the revocation check resulted in no
	// important errors
	ResultOK
	// ResultNonRevokable is a Result that indicates that the certificate cannot be
	// checked for revocation. This may be a result of no OCSP servers being
	// specified, the cert is a root certificate, or other related situations.
	ResultNonRevokable
	// ResultRevoked is a Result that indicates that at least one certificate was
	// revoked when performing a revocation check on the certificate chain
	ResultRevoked
)

// String provides a conversion from a Result to a string
func (r Result) String() string {
	switch r {
	case ResultOK:
		return "OK"
	case ResultNonRevokable:
		return "NonRevokable"
	case ResultUnknown:
		return "Unknown"
	case ResultRevoked:
		return "Revoked"
	default:
		return "invalid result with value " + strconv.Itoa(int(r))
	}
}

// ServerResult encapsulates the result for a single server for a single
// certificate in the chain
type ServerResult struct {
	// Result of revocation for this server (Unknown if there is an error which
	// prevents the retrieval of a valid status)
	Result Result
	// Server is the URI associated with this result. If no server is associated
	// with the result (e.g. it is a root certificate or no OCSPServers are
	// specified), then this will be an empty string ("")
	Server string
	// Error is set if there is an error associated with the revocation check
	// to this server
	Error error
}

// NewServerResult creates a ServerResult object from its individual parts: a
// Result, a string for the server, and an error
func NewServerResult(result Result, server string, err error) *ServerResult {
	return &ServerResult{
		Result: result,
		Server: server,
		Error:  err,
	}
}

// CertRevocationResult encapsulates the result for a single certificate in the
// chain as well as the results from individual servers associated with this
// certificate
type CertRevocationResult struct {
	// Result of revocation for a specific cert in the chain
	//
	// If there are multiple ServerResults, this is because no responses were
	// able to be retrieved, leaving each ServerResult with a Result of Unknown.
	// Thus, in the case of more than one ServerResult, this will be ResultUnknown
	Result Result
	// An array of results for each server associated with the certificate.
	// The length will be either 1 or the number of OCSPServers for the cert.
	//
	// If the length is 1, then a valid status was able to be retrieved. Only
	// this server result is contained. Any errors for other servers are
	// discarded in favor of this valid response.
	//
	// Otherwise, every server specified had some error that prevented the
	// status from being retrieved. These are all contained here for evaluation
	ServerResults []*ServerResult
}
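
The doc comments on `CertRevocationResult` state that more than one `ServerResult` means every server failed and the certificate's `Result` is `ResultUnknown`. The following added example (not part of this file or of the Notary Project's code) shows one way a caller could fold per-certificate results into a single fail-closed verdict while enforcing that rule; `chainVerdict` and its precedence policy are assumptions, and the types are local copies so the block runs on its own.

```go
package main

import "fmt"

// Stand-alone copies of the page's types so this example compiles by itself.
type Result int
const (
	ResultUnknown Result = iota
	ResultOK
	ResultNonRevokable
	ResultRevoked
)
type ServerResult struct {
	Result Result
	Server string
	Error  error
}
type CertRevocationResult struct {
	Result        Result
	ServerResults []*ServerResult
}

// chainVerdict is a hypothetical fail-closed reducer (not part of the package).
// Assumes non-nil entries. Revoked beats Unknown, which beats OK/NonRevokable.
func chainVerdict(chain []*CertRevocationResult) (Result, []error) {
	if len(chain) == 0 {
		return ResultUnknown, []error{fmt.Errorf("empty result chain")}
	}
	verdict, errs := ResultOK, []error(nil)
	for i, c := range chain {
		pass := c.Result == ResultOK || c.Result == ResultNonRevokable
		switch {
		case c.Result == ResultRevoked:
			verdict = ResultRevoked
		case pass && len(c.ServerResults) <= 1:
			// leaves the verdict as it is
		case verdict == ResultOK:
			// Unknown, out-of-range, or a pass claimed despite several ServerResults.
			verdict = ResultUnknown
		}
		for _, s := range c.ServerResults {
			if s.Error != nil {
				errs = append(errs, fmt.Errorf("cert %d via %q: %w", i, s.Server, s.Error))
			}
		}
	}
	return verdict, errs
}

func main() { fmt.Println(chainVerdict(nil)) }
```

The returned errors carry the server URI of each failed lookup, so a caller that blocks or logs on `ResultUnknown` can report which responders were unreachable.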