unipdf/model/sigutil/sigutil.go

//
// Copyright 2020 FoxyUtils ehf. All rights reserved.
//
// This is a commercial product and requires a license to operate.
// A trial license can be obtained at https://unidoc.io
//
// DO NOT EDIT: generated by unitwist Go source code obfuscator.
//
// Use of this source code is governed by the UniDoc End User License Agreement
// terms that can be accessed at https://unidoc.io/eula/
package sigutil ;import (_g "bytes";_a "crypto";_ca "crypto/x509";_bfa "encoding/pem";_bf "errors";_gf "fmt";_e "github.com/unidoc/unipdf/v3/common";_eg "golang.org/x/crypto/ocsp";_ae "io/ioutil";_cb "net/http";_c "time";);
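// CertClient is an X.509 certificate client. Its primary purpose is to
// download certificates over HTTP.
type CertClient struct {
	// HTTPClient is the HTTP client used to make certificate requests.
	// Methods that find it nil install a client with a 5 second timeout
	// per request.
	//
	// The URLs requested through this client come from certificate fields,
	// which are attacker-influenced when the certificate originates from an
	// untrusted document. Callers that process such input should supply a
	// client whose transport restricts the reachable hosts.
	HTTPClient *_cb.Client
}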
// NewCRLClient returns a CRL client configured with the default HTTP client
// of this file (5 second timeout per request).
func NewCRLClient() *CRLClient {
	client := new(CRLClient)
	client.HTTPClient = _abcf()
	return client
}

// _abcf builds the default HTTP client used by the constructors and by the
// nil-client fallbacks in this file. Timeout is the only field it sets, so
// transport and redirect handling are the net/http defaults.
func _abcf() *_cb.Client {
	const timeout = 5 * _c.Second
	return &_cb.Client{Timeout: timeout}
}
// NewOCSPClient returns an OCSP client that uses the default HTTP client of
// this file (5 second timeout per request) and SHA-1 as the hash passed to
// the OCSP request options.
func NewOCSPClient() *OCSPClient {
	client := &OCSPClient{Hash: _a.SHA1}
	client.HTTPClient = _abcf()
	return client
}
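// MakeRequest sends an OCSP request for cert to serverURL and returns the
// parsed response together with its raw bytes. If serverURL is empty, the
// first entry of cert.OCSPServer is used.
//
// The responder URL taken from the certificate is attacker-influenced when
// cert comes from an untrusted document, and the request is sent wherever it
// points through the configured HTTPClient. Callers that validate untrusted
// signatures should supply an HTTPClient whose transport restricts the
// reachable hosts.
//
// The body is parsed with ocsp.ParseResponseForCert against cert and issuer.
// This method does not look at the Status, ThisUpdate or NextUpdate fields of
// the parsed response; the caller has to evaluate them before treating the
// certificate as not revoked.
//
// An error is returned when cert lists no OCSP server, the request cannot be
// created or sent, the server answers with a non-2xx status, or the body does
// not parse as an OCSP response for cert.
func (c *OCSPClient) MakeRequest(serverURL string, cert, issuer *_ca.Certificate) (*_eg.Response, []byte, error) {
	if c.HTTPClient == nil {
		c.HTTPClient = _abcf()
	}

	if serverURL == "" {
		if len(cert.OCSPServer) == 0 {
			// Decoded message: "certificate does not specify any OCSP servers".
			return nil, nil, _bf.New("\u0063e\u0072\u0074i\u0066\u0069\u0063a\u0074\u0065\u0020\u0064\u006f\u0065\u0073 \u006e\u006f\u0074\u0020\u0073\u0070e\u0063\u0069\u0066\u0079\u0020\u0061\u006e\u0079\u0020\u004f\u0043S\u0050\u0020\u0073\u0065\u0072\u0076\u0065\u0072\u0073")
		}
		serverURL = cert.OCSPServer[0]
	}

	reqBytes, err := _eg.CreateRequest(cert, issuer, &_eg.RequestOptions{Hash: c.Hash})
	if err != nil {
		return nil, nil, err
	}

	// Decoded content type: "application/ocsp-request".
	resp, err := c.HTTPClient.Post(serverURL, "\u0061p\u0070\u006c\u0069\u0063\u0061\u0074\u0069\u006f\u006e\u002f\u006fc\u0073\u0070\u002d\u0072\u0065\u0071\u0075\u0065\u0073\u0074", _g.NewReader(reqBytes))
	if err != nil {
		return nil, nil, err
	}
	defer resp.Body.Close()

	// Reject error pages up front so that the failure names the HTTP status
	// instead of surfacing as an opaque parse error further down.
	if code := resp.StatusCode; code < 200 || code > 299 {
		return nil, nil, _gf.Errorf("ocsp server %q returned HTTP status %d", serverURL, code)
	}

	// NOTE(review): the body is read in full with no size cap. The default
	// client's 5 second timeout is the only bound; a caller-supplied client
	// without a timeout has none. Consider wrapping the body in a limited
	// reader.
	body, err := _ae.ReadAll(resp.Body)
	if err != nil {
		return nil, nil, err
	}

	// Accept PEM-wrapped responses as well. The PEM block type is not checked.
	if block, _ := _bfa.Decode(body); block != nil {
		body = block.Bytes
	}

	parsed, err := _eg.ParseResponseForCert(body, cert, issuer)
	if err != nil {
		return nil, nil, err
	}
	return parsed, body, nil
}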
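// MakeRequest downloads a CRL from serverURL and returns the response body.
// If serverURL is empty, the first entry of cert.CRLDistributionPoints is
// used.
//
// The distribution point URL taken from the certificate is
// attacker-influenced when cert comes from an untrusted document, and the
// request is sent wherever it points through the configured HTTPClient.
// Callers that validate untrusted signatures should supply an HTTPClient
// whose transport restricts the reachable hosts.
//
// The returned bytes are neither parsed nor signature-checked here. The
// caller must parse the CRL and verify it against the issuer before relying
// on it for a revocation decision.
//
// An error is returned when cert lists no distribution point, the request
// fails, the server answers with a non-2xx status, or the body cannot be
// read.
func (c *CRLClient) MakeRequest(serverURL string, cert *_ca.Certificate) ([]byte, error) {
	if c.HTTPClient == nil {
		c.HTTPClient = _abcf()
	}

	if serverURL == "" {
		if len(cert.CRLDistributionPoints) == 0 {
			// Decoded message: "certificate does not specify any CRL servers".
			return nil, _bf.New("\u0063e\u0072\u0074i\u0066\u0069\u0063\u0061t\u0065\u0020\u0064o\u0065\u0073\u0020\u006e\u006f\u0074\u0020\u0073\u0070ec\u0069\u0066\u0079 \u0061\u006ey\u0020\u0043\u0052\u004c\u0020\u0073e\u0072\u0076e\u0072\u0073")
		}
		serverURL = cert.CRLDistributionPoints[0]
	}

	resp, err := c.HTTPClient.Get(serverURL)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()

	// Without this check the body of an HTTP error page would be handed back
	// to the caller as if it were CRL data, because nothing below parses it.
	if code := resp.StatusCode; code < 200 || code > 299 {
		return nil, _gf.Errorf("crl server %q returned HTTP status %d", serverURL, code)
	}

	// NOTE(review): the body is read in full with no size cap. The default
	// client's 5 second timeout is the only bound; a caller-supplied client
	// without a timeout has none. Consider wrapping the body in a limited
	// reader sized for the largest CRL that must be supported.
	body, err := _ae.ReadAll(resp.Body)
	if err != nil {
		return nil, err
	}

	// Accept PEM-wrapped CRLs as well. The PEM block type is not checked.
	if block, _ := _bfa.Decode(body); block != nil {
		body = block.Bytes
	}
	return body, nil
}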
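// OCSPClient is an OCSP (Online Certificate Status Protocol) client. It is
// used to request revocation data from OCSP servers.
type OCSPClient struct {
	// HTTPClient is the HTTP client used to make OCSP requests.
	// Methods that find it nil install a client with a 5 second timeout
	// per request.
	//
	// The responder URL may be read from the certificate being checked,
	// which is attacker-influenced when the certificate originates from an
	// untrusted document. Callers that process such input should supply a
	// client whose transport restricts the reachable hosts.
	HTTPClient *_cb.Client

	// Hash is the hash function used when constructing the OCSP
	// requests. If zero, SHA-1 will be used.
	//
	// NOTE(review): the value is passed to ocsp.RequestOptions, where it
	// presumably selects the digest for the certificate identifier in the
	// request. Confirm that the target responders accept another digest
	// before moving away from SHA-1.
	Hash _a.Hash
}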
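// Get downloads the resource at url and parses it as a single X.509
// certificate. The body may be DER, or PEM, in which case the first PEM
// block is used.
//
// The certificate is only parsed. No signature, validity period or chain is
// checked, so the result must not be treated as trusted until the caller has
// verified it.
//
// An error is returned when the request fails, the server answers with a
// non-2xx status, the body cannot be read, or it does not parse as a
// certificate.
func (c *CertClient) Get(url string) (*_ca.Certificate, error) {
	if c.HTTPClient == nil {
		c.HTTPClient = _abcf()
	}

	resp, err := c.HTTPClient.Get(url)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()

	// Reject error pages up front so that the failure names the HTTP status
	// instead of surfacing as an opaque certificate parse error.
	if code := resp.StatusCode; code < 200 || code > 299 {
		return nil, _gf.Errorf("certificate download from %q returned HTTP status %d", url, code)
	}

	// NOTE(review): the body is read in full with no size cap. The default
	// client's 5 second timeout is the only bound; a caller-supplied client
	// without a timeout has none. Consider wrapping the body in a limited
	// reader.
	data, err := _ae.ReadAll(resp.Body)
	if err != nil {
		return nil, err
	}

	// Accept PEM-wrapped certificates as well. The PEM block type is not
	// checked.
	if block, _ := _bfa.Decode(data); block != nil {
		data = block.Bytes
	}

	cert, err := _ca.ParseCertificate(data)
	if err != nil {
		return nil, err
	}
	return cert, nil
}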
// IsCA reports whether cert has the CA flag set and is self-issued, meaning
// its raw issuer and raw subject are byte-identical. An intermediate CA
// certificate therefore yields false.
//
// No signature is checked: a true result describes the shape of the
// certificate and says nothing about whether it is trusted.
func (c *CertClient) IsCA(cert *_ca.Certificate) bool {
	if !cert.IsCA {
		return false
	}
	selfIssued := _g.Equal(cert.RawIssuer, cert.RawSubject)
	return selfIssued
}
// GetIssuer walks cert.IssuingCertificateURL in order and returns the first
// certificate that can be downloaded and parsed. A failed download is logged
// at debug level and the next URL is tried. If no URL yields a certificate,
// or the list is empty, an error is returned.
//
// The URLs come from the certificate itself and are attacker-influenced when
// cert originates from an untrusted document. The downloaded certificate is
// returned as is: this method does not check that it actually signed cert.
// Callers must verify the relationship (for example with
// cert.CheckSignatureFrom) before using the result as the issuer.
func (c *CertClient) GetIssuer(cert *_ca.Certificate) (*_ca.Certificate, error) {
	for _, issuerURL := range cert.IssuingCertificateURL {
		issuer, err := c.Get(issuerURL)
		if err == nil {
			return issuer, nil
		}
		// Decoded format: "WARN: could not download issuer for certificate %v: %v".
		_e.Log.Debug("\u0057\u0041\u0052\u004e\u003a\u0020\u0063\u006f\u0075\u006c\u0064\u0020\u006e\u006f\u0074 \u0064\u006f\u0077\u006e\u006c\u006f\u0061\u0064\u0020\u0069\u0073\u0073\u0075e\u0072\u0020\u0066\u006f\u0072\u0020\u0063\u0065\u0072\u0074\u0069\u0066ic\u0061\u0074\u0065\u0020\u0025\u0076\u003a\u0020\u0025\u0076", cert.Subject.CommonName, err)
	}
	// Decoded message: "issuer certificate not found".
	return nil, _gf.Errorf("\u0069\u0073\u0073\u0075e\u0072\u0020\u0063\u0065\u0072\u0074\u0069\u0066\u0069\u0063a\u0074e\u0020\u006e\u006f\u0074\u0020\u0066\u006fu\u006e\u0064")
}
// NewCertClient returns a certificate client configured with the default
// HTTP client of this file (5 second timeout per request).
func NewCertClient() *CertClient {
	client := new(CertClient)
	client.HTTPClient = _abcf()
	return client
}
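// CRLClient is a CRL (certificate revocation list) client. It is used to
// request revocation data from CRL servers.
type CRLClient struct {
	// HTTPClient is the HTTP client used to make CRL requests.
	// Methods that find it nil install a client with a 5 second timeout
	// per request.
	//
	// The distribution point URL may be read from the certificate being
	// checked, which is attacker-influenced when the certificate originates
	// from an untrusted document. Callers that process such input should
	// supply a client whose transport restricts the reachable hosts.
	HTTPClient *_cb.Client
}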