Download
certificate-transparency-go is a Go codebase for building and interacting with Certificate Transparency (CT) systems, from low-level parsing to full log operation. It includes forked ASN.1 and X.509 packages tailored to accept and analyze real-world certificates, including pre-certificates that stricter libraries would reject, supporting CT’s role as an ecosystem observatory. A TLS parsing library, CT data types, and multiple client libraries enable access to CT logs over HTTP and DNS, along with scanners for traversing entire logs. The repository also provides command-line tools for verifying signed certificate timestamps, inspecting certificates and CRLs, and querying logs. For operators, a “CT personality” integrates with Trillian so you can run a CT log backed by a verifiable transparency log. The project is structured for contributors, with generators, mocks, linting, and presubmit tooling to keep changes consistent and reliable.
Features
- Forked ASN.1 and X.509 libraries tolerant of real-world and pre-certificate encodings
- TLS parsing utilities and helpers for CT data structures
- HTTP and DNS client libraries for querying CT logs
- Log scanners and CLI tools for SCT verification, certificate and CRL inspection
- Trillian CT personality for running a CT log on a transparency log backend
- Developer tooling: presubmit scripts, linters, code generation, and mocks
Project Samples
