Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: CRL #214

Merged
merged 117 commits into from
Sep 18, 2024
Merged

feat: CRL #214

merged 117 commits into from
Sep 18, 2024

Conversation

JeyJeyGao
Copy link
Contributor

@JeyJeyGao JeyJeyGao commented Jul 24, 2024
edited
Loading

Feat:

  • CRL support, including CRL downloading, validation, and revocation list checks.
  • OCSP fallback to CRL when OCSP is unavailable or encounters an unknown issue.

Refactor:

  • move OCSP to internal package to export ocsp.CertCheckStatus and ocsp.Supported function for revocation package

The PR implements a subset of RFC 5280:

  • It only supports X.509 v2 CRL, as the Golang CRL parser only supports v2.
  • It only verifies that the CRL issuer is the certificate's CA with the same key.
  • Delta CRL and indirect CRL are not supported.

NOTE: CRL cache is not included.

Resolves part 1 of #125
Signed-off-by: Junjie Gao [email protected]

JeyJeyGao added 30 commits April 7, 2024 11:39
@JeyJeyGao
Squashed commit of the following:
62aa8fc 
commit 9240650
Merge: 0c1ec3b 4198690
Author: Junjie Gao <[email protected]>
Date:   Wed Aug 9 17:07:34 2023 +0800

    Merge pull request #1 from JeyJeyGao/feat/ans1

    feat: convert BER to DER

commit 4198690
Author: Junjie Gao <[email protected]>
Date:   Wed Aug 9 09:14:29 2023 +0800

    fix: simplify code

    Signed-off-by: Junjie Gao <[email protected]>

commit 75ce02d
Author: Junjie Gao <[email protected]>
Date:   Mon Aug 7 20:33:08 2023 +0800

    fix: added Conetent method for value interface

    Signed-off-by: Junjie Gao <[email protected]>

commit 7b823a9
Author: Junjie Gao <[email protected]>
Date:   Mon Aug 7 08:54:37 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit 41ecec6
Author: Junjie Gao <[email protected]>
Date:   Sun Aug 6 17:33:19 2023 +0800

    fix: remove recusive call for encode()

    Signed-off-by: Junjie Gao <[email protected]>

commit 8f1a2af
Author: Junjie Gao <[email protected]>
Date:   Fri Aug 4 13:40:09 2023 +0800

    fix: remove unused value

    Signed-off-by: Junjie Gao <[email protected]>

commit 9b6a0c5
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 20:25:22 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit 91a3691
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 20:11:28 2023 +0800

    fix: create pointer instead of value to improve performance

    Signed-off-by: Junjie Gao <[email protected]>

commit 1465e3e
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 20:04:44 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit 6524a9c
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 19:53:27 2023 +0800

    fix: update variable naming

    Signed-off-by: Junjie Gao <[email protected]>

commit 6cfbd9c
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 19:47:39 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit b9c73bd
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 17:56:52 2023 +0800

    fix: update to use rawContent instead of expectedLen

    Signed-off-by: Junjie Gao <[email protected]>

commit 3c99402
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:45:09 2023 +0800

    fix: update comment

    Signed-off-by: Junjie Gao <[email protected]>

commit f4dc95f
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:41:57 2023 +0800

    fix: resolve comment

    Signed-off-by: Junjie Gao <[email protected]>

commit f916316
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:40:37 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit 22afdf8
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:34:34 2023 +0800

    fix: resolve comment

    Signed-off-by: Junjie Gao <[email protected]>

commit edb729c
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:32:47 2023 +0800

    fix: resolve comment

    Signed-off-by: Junjie Gao <[email protected]>

commit a8ba0ff
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:26:29 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit bc18cae
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 16:14:57 2023 +0800

    fix: resolve comments

    Signed-off-by: Junjie Gao <[email protected]>

commit 643f388
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 09:17:39 2023 +0800

    fix: update comment

    Signed-off-by: Junjie Gao <[email protected]>

commit b5d5131
Author: Junjie Gao <[email protected]>
Date:   Thu Aug 3 09:15:23 2023 +0800

    fix: expectedLen == 0 should continue

    Signed-off-by: Junjie Gao <[email protected]>

commit 2345740
Author: Junjie Gao <[email protected]>
Date:   Wed Aug 2 13:01:38 2023 +0800

    fix: added copyright

    Signed-off-by: Junjie Gao <[email protected]>

commit 936ba2b
Author: Junjie Gao <[email protected]>
Date:   Wed Aug 2 11:36:02 2023 +0800

    fix: remove recusive decoding

    Signed-off-by: Junjie Gao <[email protected]>

commit 4fd944a
Author: Junjie Gao <[email protected]>
Date:   Tue Aug 1 21:50:10 2023 +0800

    fix: remove readOnlySlice

    Signed-off-by: Junjie Gao <[email protected]>

commit efa7575
Author: Junjie Gao <[email protected]>
Date:   Tue Aug 1 09:38:57 2023 +0800

    fix: update decodeIdentifier function name

    Signed-off-by: Junjie Gao <[email protected]>

commit cbce4c1
Author: Junjie Gao <[email protected]>
Date:   Tue Aug 1 09:25:34 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit 45480e5
Author: Junjie Gao <[email protected]>
Date:   Mon Jul 31 21:22:20 2023 +0800

    fix: update code

    Signed-off-by: Junjie Gao <[email protected]>

commit b3de155
Author: Junjie Gao <[email protected]>
Date:   Mon Jul 31 20:51:48 2023 +0800

    fix: set non-exportable type

    Signed-off-by: Junjie Gao <[email protected]>

commit 5dea9e5
Author: Junjie Gao <[email protected]>
Date:   Mon Jul 31 20:44:50 2023 +0800

    feat: asn.1 first version

    Signed-off-by: Junjie Gao <[email protected]>

Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
test: add unit test
eef8579 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
feat: crl support
feb151c 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
56da59c 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
Merge remote-tracking branch 'upstream/main' into feat/crl
7d869a7
@JeyJeyGao
fix: update
a25275e 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update crl
a262bab 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
Merge remote-tracking branch 'upstream/main' into feat/crl
7d591d6
@JeyJeyGao
fix: update cache
e66d9fd 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
ac1d240 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
Merge remote-tracking branch 'upstream/main' into feat/crl
e789f29
@JeyJeyGao
fix: update test
31fa5a5 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
039be39 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
3b1a7ed 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
6875035 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
5bbd8c7 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: deprecate revocation Mode
39c94d3 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
c85d472 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
a8db155 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
534d11e 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
50964ba 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
cf593b1 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
c172845 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
1aa53fd 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
2d39c35 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
4c01b9e 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: remove cache
5787e75 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
41746fb 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: refactor
759b727 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
17da500 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
4e565ec 
Signed-off-by: Junjie Gao <[email protected]>
Two-Hearts
Two-Hearts reviewed Sep 12, 2024
View reviewed changes
revocation/result/results.go Outdated Show resolved Hide resolved
revocation/result/results.go Show resolved Hide resolved
revocation/result/results.go Outdated Show resolved Hide resolved
@JeyJeyGao
fix: update
5aa15e0 
Signed-off-by: Junjie Gao <[email protected]>
shizhMSFT
shizhMSFT previously approved these changes Sep 12, 2024
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with suggestions

revocation/method.go Outdated Show resolved Hide resolved
Two-Hearts
Two-Hearts reviewed Sep 13, 2024
View reviewed changes
revocation/method.go Outdated Show resolved Hide resolved
revocation/internal/crl/crl.go Outdated Show resolved Hide resolved
@JeyJeyGao
fix: update
e2b246d 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
982561e 
Signed-off-by: Junjie Gao <[email protected]>
Two-Hearts
Two-Hearts previously approved these changes Sep 13, 2024
View reviewed changes
Copy link
Contributor

@Two-Hearts Two-Hearts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

priteshbandi
priteshbandi previously approved these changes Sep 13, 2024
View reviewed changes
Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JeyJeyGao
fix: update
f4400ac 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao JeyJeyGao dismissed stale reviews from priteshbandi and Two-Hearts via f4400ac September 14, 2024 02:15
@JeyJeyGao
fix: update
f422da2 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
50f6e6d 
Signed-off-by: Junjie Gao <[email protected]>
shizhMSFT
shizhMSFT reviewed Sep 14, 2024
View reviewed changes
revocation/method.go Outdated Show resolved Hide resolved
revocation/result/results.go Outdated Show resolved Hide resolved
revocation/result/results.go Outdated Show resolved Hide resolved
revocation/result/results.go Outdated Show resolved Hide resolved
revocation/internal/crl/crl.go Outdated Show resolved Hide resolved
@JeyJeyGao
fix: update
deec55e 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
c6132af 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao
fix: update
2bf101a 
Signed-off-by: Junjie Gao <[email protected]>
@JeyJeyGao JeyJeyGao requested a review from shizhMSFT September 14, 2024 03:23
shizhMSFT
shizhMSFT approved these changes Sep 14, 2024
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Two-Hearts
Two-Hearts approved these changes Sep 14, 2024
View reviewed changes
Copy link
Contributor

@Two-Hearts Two-Hearts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

priteshbandi
priteshbandi approved these changes Sep 17, 2024
View reviewed changes
Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JeyJeyGao JeyJeyGao merged commit 695ea0c into notaryproject:main Sep 18, 2024
9 checks passed
@Two-Hearts Two-Hearts mentioned this pull request Sep 24, 2024
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Two-Hearts Two-Hearts Two-Hearts approved these changes

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@priteshbandi priteshbandi priteshbandi approved these changes

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

@vaninrao10 vaninrao10 Awaiting requested review from vaninrao10 vaninrao10 is a code owner

@yizha1 yizha1 Awaiting requested review from yizha1 yizha1 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.3.0
Development

Successfully merging this pull request may close these issues.
4 participants
@JeyJeyGao @priteshbandi @shizhMSFT @Two-Hearts