Trait webpki::crl::CertRevocationList

pub trait CertRevocationList: Sealed {
    // Required methods
    fn issuer(&self) -> &[u8] ;
    fn find_serial(
        &self,
        serial: &[u8],
    ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>;
    fn verify_signature(
        &self,
        supported_sig_algs: &[&SignatureAlgorithm],
        issuer_spki: &[u8],
    ) -> Result<(), Error>;
}

Operations over a RFC 5280¹ profile Certificate Revocation List (CRL) required for revocation checking. Implemented by OwnedCertRevocationList and BorrowedCertRevocationList.

---

1. https://www.rfc-editor.org/rfc/rfc5280#section-5 ↩

Required Methods

fn issuer(&self) -> &[u8]

Return the DER encoded issuer of the CRL.

fn find_serial( &self, serial: &[u8], ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>

Try to find a revoked certificate in the CRL by DER encoded serial number. This may yield an error if the CRL has malformed revoked certificates.

fn verify_signature( &self, supported_sig_algs: &[&SignatureAlgorithm], issuer_spki: &[u8], ) -> Result<(), Error>

Verify the CRL signature using the issuer’s subject public key information (SPKI) and a list of supported signature algorithms.

Implementors

impl CertRevocationList for BorrowedCertRevocationList<'_>

impl CertRevocationList for OwnedCertRevocationList