From bd1783e812bf10f5829b742135ef886623cccc5c Mon Sep 17 00:00:00 2001
From: Roland Shoemaker <roland@golang.org>
Date: Mon, 27 Jun 2022 16:23:37 -0700
Subject: [PATCH] crypto/x509: improve RevocationList documentation

Adds documentation for a handful of RevocationList fields.

Updates #50674

Change-Id: I26b838553d870b631deaf8b9a5b4d0b251fdef20
Reviewed-on: https://go-review.googlesource.com/c/go/+/414635
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
---
 src/crypto/x509/x509.go | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index e17df0dd94..87eb1f7720 100644
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -2097,11 +2097,19 @@ func (c *CertificateRequest) CheckSignature() error {
 // RevocationList contains the fields used to create an X.509 v2 Certificate
 // Revocation list with CreateRevocationList.
 type RevocationList struct {
-	Raw                  []byte
+	// Raw contains the complete ASN.1 DER content of the CRL (tbsCertList,
+	// signatureAlgorithm, and signatureValue.)
+	Raw []byte
+	// RawTBSRevocationList contains just the tbsCertList portion of the ASN.1
+	// DER.
 	RawTBSRevocationList []byte
-	RawIssuer            []byte
+	// RawIssuer contains the DER encoded Issuer.
+	RawIssuer []byte
 
-	Issuer         pkix.Name
+	// Issuer contains the DN of the issuing certificate.
+	Issuer pkix.Name
+	// AuthorityKeyId is used to identify the public key associated with the
+	// issuing certificate.
 	AuthorityKeyId []byte
 
 	Signature []byte
-- 
2.50.0