Trait webpki::crl::CertRevocationList
source · pub trait CertRevocationList: Sealed {
// Required methods
fn issuer(&self) -> &[u8] ⓘ;
fn find_serial(
&self,
serial: &[u8],
) -> Result<Option<BorrowedRevokedCert<'_>>, Error>;
fn verify_signature(
&self,
supported_sig_algs: &[&SignatureAlgorithm],
issuer_spki: &[u8],
) -> Result<(), Error>;
}
Expand description
Operations over a RFC 52801 profile Certificate Revocation List (CRL) required
for revocation checking. Implemented by OwnedCertRevocationList
and
BorrowedCertRevocationList
.
Required Methods§
sourcefn find_serial(
&self,
serial: &[u8],
) -> Result<Option<BorrowedRevokedCert<'_>>, Error>
fn find_serial( &self, serial: &[u8], ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>
Try to find a revoked certificate in the CRL by DER encoded serial number. This may yield an error if the CRL has malformed revoked certificates.
sourcefn verify_signature(
&self,
supported_sig_algs: &[&SignatureAlgorithm],
issuer_spki: &[u8],
) -> Result<(), Error>
fn verify_signature( &self, supported_sig_algs: &[&SignatureAlgorithm], issuer_spki: &[u8], ) -> Result<(), Error>
Verify the CRL signature using the issuer’s subject public key information (SPKI) and a list of supported signature algorithms.