google.golang.org/grpc/security/advancedtls
Category: module, package
1.0.0
Repository: https://github.com/grpc/grpc-go.git
Documentation: pkg.go.dev

# Functions

NewClientCreds uses ClientOptions to construct a TransportCredentials based on TLS.
NewCRL constructs a new CRL from the provided byte array.
NewFileWatcherCRLProvider returns a new instance of the FileWatcherCRLProvider.
NewServerCreds uses ServerOptions to construct a TransportCredentials based on TLS.
NewStaticCRLProvider processes the raw content of CRL files, stores the parsed CRL structs in memory, and returns a new instance of the StaticCRLProvider.
ReadCRLFile reads a file from the provided path and returns a CRL struct constructed from it.

# Constants

CertAndHostVerification indicates doing both certificate signature check and hostname check.
CertVerification indicates doing certificate signature check only.
RevocationRevoked means we found the CRL and the cert is revoked.
RevocationUndetermined means we couldn't find or verify a CRL for the cert.
RevocationUnrevoked means we found the CRL for the cert and the cert is not revoked.
SkipVerification indicates skipping both certificate signature check and hostname check.

# Structs

ConnectionInfo contains the parameters available to users when implementing GetRootCertificates.
CRL contains a pkix.CertificateList and parsed extensions that aren't provided by the golang CRL parser.
FileWatcherCRLProvider implements the CRLProvider interface by periodically scanning CRLDirectory (see FileWatcherOptions) and storing CRL structs in-memory.
FileWatcherOptions represents a data structure holding a configuration for FileWatcherCRLProvider.
HandshakeVerificationInfo contains information about a handshake needed for verification, for use when implementing the `PostHandshakeVerificationFunc`. The fields in this struct are read-only.
IdentityCertificateOptions contains options to obtain identity certificates for both the client and the server.
Options contains the fields a user can configure when setting up TLS clients and servers.
PostHandshakeVerificationResults contains the information about results of PostHandshakeVerificationFunc.
RevocationOptions allows a user to configure certificate revocation behavior.
RootCertificateOptions contains options to obtain root trust certificates for both the client and the server.
RootCertificates is the result of GetRootCertificates.
StaticCRLProvider implements the CRLProvider interface by accepting the raw content of CRL files at creation time and storing parsed CRL structs in memory.

# Interfaces

CRLProvider is the interface to be implemented to enable custom CRL provider behavior, as defined in [gRFC A69].

# Type aliases

PostHandshakeVerificationFunc is the function defined by users to perform custom verification checks after chain building and regular handshake verification have been completed.
VerificationType is the enum type that represents different levels of verification users could set, both on client side and on server side.