harperdb/security/certificateVerification/crlVerification.d.ts

HarperDB is a distributed database, caching service, streaming broker, and application development platform focused on performance and ease of use.

/**
 * CRL (Certificate Revocation List) verification
 */
import type { CertificateVerificationResult, CRLCheckResult, CRLConfig } from './types.ts';
/**
 * Custom error for CRL signature verification failures
 * This distinguishes security failures (invalid signatures) from operational failures (network, timeout)
 */
export declare class CRLSignatureVerificationError extends Error {
    constructor(message: string);
}
/**
 * Verify CRL status of a client certificate
 * @param certPem - Client certificate as Buffer (DER format)
 * @param issuerPem - Issuer (CA) certificate as Buffer (DER format)
 * @param config - CRL configuration
 * @param crlUrls - Optional pre-extracted CRL distribution point URLs (avoids re-parsing)
 * @returns Promise resolving to verification result
 */
export declare function verifyCRL(certPem: Buffer, issuerPem: Buffer, config?: CRLConfig, crlUrls?: string[]): Promise<CertificateVerificationResult>;
/**
 * Perform the actual CRL check by looking up the certificate in the revoked certificates table
 * @param certPem - Certificate in PEM format
 * @param issuerPem - Issuer certificate in PEM format
 * @param config - CRL configuration
 * @param crlUrls - Optional pre-extracted CRL distribution point URLs (avoids re-parsing)
 * @returns CRL check result
 */
export declare function performCRLCheck(certPem: string, issuerPem: string, config: CRLConfig, crlUrls?: string[]): Promise<CRLCheckResult>;