EncodeAS encodes and returns the packed AS certificate.

EncodeIssuer encodes and returns the packed issuer certificate.

EncodeProtectedAS encodes the protected header.

EncodeProtectedIssuer encodes the protected header.

ParseChain parses the raw chain.

EncryptionKey is the encryption key type.

ErrASValidityNotCovered indicates the AS certificate's validity period is not covered by the issuer certificate's validity period.

ErrInvalidCertificateType indicates the certificate type is invalid.

ErrInvalidChainLength indicates an invalid chain length.

ErrInvalidCrit indicates that the value for the crit key is invalid.

ErrInvalidDistributionPoint indicates that the distribution point is a wildcard.

ErrInvalidKeyType indicates an inexistent key type.

ErrInvalidProtected indicates an invalid protected meta.

ErrInvalidSignatureType indicates an invalid signature type.

ErrInvalidSubject indicates that the subject contains a wildcard.

ErrInvalidValidityPeriod indicates an invalid validity period.

ErrInvalidVersion indicates an invalid certificate version.

ErrIssuerDifferentISD indicates that the issuing AS is in a different ISD.

ErrIssuerValidityNotCovered indicates the issuer certificate's validity period is not covered by the TRC's validity period.

ErrMissingKey indicates that the certificate is missing a key.

ErrUnexpectedCertificateVersion indicates another issuer certificate version is expected.

ErrUnexpectedIssuer indicates another issuer is expected.

ErrUnexpectedKey indicates that the certificate holds an excess key.

ErrUnexpectedTRCVersion indicates another TRC version is expected.

ErrUnsupportedFormat indicates an invalid certificate format.

ErrWildcardIssuer indicates the issuer is a wildcard IA.

IssuingKey is the issuing key type.

RevocationKey is the revocation key type.

SigningKey is the signing key type.

ErrAlgorithmNotSet indicates the key algorithm is not set.

ErrCertificateTypeNotSet indicates certificate_type is not set.

ErrCritNotSet indicates that crit is not set.

ErrDescriptionNotSet indicates description is not set.

ErrFormatVersionNotSet indicates format_version is not set.

ErrIANotSet indicates the issuing ia is not set.

ErrIssuerCertificateVersionNotSet indicates the issuer certificate version is not set.

ErrIssuerIANotSet indicates the issuer ia is not set.

ErrIssuerNotSet indicates issuer is not set.

ErrIssuerTRCVersionNotSet indicates the issuer TRC version is not set.

ErrKeysNotSet indicates keys is not set.

ErrNotIssuing indicates that the subject of the issuer certificate is not and issuing AS, and not allowed to self-sign the certificate.

ErrNotUTF8 indicates an invalid encoding.

ErrOptionalDistributionPointsNotSet indicates optional_distribution_points is not set.

ErrSignatureTypeNotSet indicates the signature type is not set.

ErrSubjectNotSet indicates subject is not set.

ErrTRCVersionNotSet indicates the TRC version is not set.

ErrValidityNotSet indicates validity is not set.

ErrVersionNotSet indicates version is not set.

AS is the AS certificate.

ASVerifier verifies the AS certificate based on the trusted issuer certificate.

Base contains the shared fields between the issuer and AS certificate.

Chain represents the certificate chain.

CritAS is the "crit" section for the AS certificate (see: https://tools.ietf.org/html/rfc7515#section-4.1.11).

CritIssuer is the "crit" section for the issuer certificate (see: https://tools.ietf.org/html/rfc7515#section-4.1.11).

Issuer is the Issuer certificate.

IssuerCertID identifies the issuer certificate that authenticates the AS certificate.

IssuerTRC identifies the TRC that authenticates the issuer certificate.

IssuerVerifier verifies the issuer certificate based on the trusted TRC.

ProtectedAS is the signature metadata.

ProtectedIssuer is the signature metadata.

SignatureTypeCertificate indicates the public key is authenticated by an issuer certificate.

SignatureTypeTRC indicates the public key is authenticated by an issuer certificate.

TypeAS indicates an AS certificate.

TypeIssuer indicates an AS certificate.

EncodedAS is the the base64url encoded marshaled AS certificate.

EncodedIssuer is the the base64url encoded marshaled issuer certificate.

EncodedProtectedAS is the base64url encoded utf-8 metadata.

EncodedProtectedIssuer is the base64url encoded utf-8 metadata.

FormatVersion indicates the certificate format version.

KeyType indicates the type of the key authenticated by the certificate.