Crate webpki

source Β·
Expand description

webpki: Web PKI X.509 Certificate Validation.

See EndEntityCert’s documentation for a description of the certificate processing steps necessary for a TLS connection.

Β§Features

FeatureDescription
allocEnable features that require use of the heap. Currently all RSA signature algorithms require this feature.
stdEnable features that require libstd. Implies alloc.

Modules§

Structs§

  • An error indicating that an IpAddrRef could not built because the input could not be parsed as an IP address.
  • Borrowed representation of a RFC 5280 profile Certificate Revocation List (CRL).
  • Borrowed representation of a RFC 5280 profile Certificate Revocation List (CRL) revoked certificate entry.
  • A parsed X509 certificate.
  • Requires the alloc feature. A DNS Name suitable for use in the TLS Server Name Indication (SNI) extension and/or for use as the reference hostname for which to verify a certificate.
  • A reference to a DNS Name suitable for use in the TLS Server Name Indication (SNI) extension and/or for use as the reference hostname for which to verify a certificate.
  • An end-entity certificate.
  • An error indicating that a DnsNameRef could not built because the input is not a syntactically-valid DNS Name.
  • An error indicating that a SubjectNameRef could not built because the input is not a syntactically-valid DNS Name or IP address.
  • The expected key usage of a certificate.
  • Owned representation of a RFC 5280 profile Certificate Revocation List (CRL).
  • Owned representation of a RFC 5280 profile Certificate Revocation List (CRL) revoked certificate entry.
  • A signature algorithm.
  • The time type.
  • Trust anchors which may be used for authenticating clients.
  • Trust anchors which may be used for authenticating servers.
  • A trust anchor (a.k.a. root CA).

Enums§

  • An enumeration indicating whether a Cert is a leaf end-entity cert, or a linked list node from the CA Cert to a child Cert it issued.
  • An error that occurs during certificate validation or name validation.
  • Either a IPv4 or IPv6 address, plus its owned string representation
  • Either a IPv4 or IPv6 address, plus its borrowed string representation
  • Identifies the reason a certificate was revoked. See RFC 5280 Β§5.3.1[^1]
  • A DNS name or IP address, which borrows its text representation.

Statics§

Traits§

Functions§