webpki

Struct Cert

Source 
pub struct Cert<'a> {
Show 13 fields
    pub(crate) serial: Input<'a>,
    pub(crate) signed_data: SignedData<'a>,
    pub(crate) issuer: Input<'a>,
    pub(crate) validity: Input<'a>,
    pub(crate) subject: Input<'a>,
    pub(crate) spki: Input<'a>,
    pub(crate) basic_constraints: Option<Input<'a>>,
    pub(crate) key_usage: Option<Input<'a>>,
    pub(crate) eku: Option<Input<'a>>,
    pub(crate) name_constraints: Option<Input<'a>>,
    pub(crate) subject_alt_name: Option<Input<'a>>,
    pub(crate) crl_distribution_points: Option<Input<'a>>,
    der: CertificateDer<'a>,

}
Expand description

A parsed X509 certificate.

Fields§

§serial: Input<'a>§signed_data: SignedData<'a>§issuer: Input<'a>§validity: Input<'a>§subject: Input<'a>§spki: Input<'a>§basic_constraints: Option<Input<'a>>§key_usage: Option<Input<'a>>§eku: Option<Input<'a>>§name_constraints: Option<Input<'a>>§subject_alt_name: Option<Input<'a>>§crl_distribution_points: Option<Input<'a>>§der: CertificateDer<'a>

Implementations§

Source§

impl<'a> Cert<'a>

Source

pub(crate) fn from_der(cert_der: Input<'a>) -> Result<Self, Error>

Source

pub fn valid_dns_names(&self) -> impl Iterator<Item = &str>

Returns a list of valid DNS names provided in the subject alternative names extension

This function must not be used to implement custom DNS name verification. Checking that a certificate is valid for a given subject name should always be done with EndEntityCert::verify_is_valid_for_subject_name.

Source

pub fn serial(&self) -> &[u8]

Raw certificate serial number.

This is in big-endian byte order, in twos-complement encoding.

If the caller were to add an INTEGER tag and suitable length, this would become a valid DER encoding.

Source

pub fn issuer(&self) -> &[u8]

Raw DER-encoded certificate issuer.

This does not include the outer SEQUENCE tag or length.

Source

pub fn subject(&self) -> &[u8]

Raw DER encoded certificate subject.

This does not include the outer SEQUENCE tag or length.

Source

pub fn subject_public_key_info(&self) -> SubjectPublicKeyInfoDer<'static>

Get the RFC 5280-compliant SubjectPublicKeyInfoDer (SPKI) of this Cert.

This does include the outer SEQUENCE tag and length.

Source

pub(crate) fn crl_distribution_points( &self, ) -> Option<impl Iterator<Item = Result<CrlDistributionPoint<'a>, Error>>>

Returns an iterator over the certificate’s cRLDistributionPoints extension values, if any.

Source

pub fn der(&self) -> CertificateDer<'a>

Raw DER-encoded representation of the certificate.

Trait Implementations§

Source§

impl<'a> From<Cert<'a>> for TrustAnchor<'a>

Source§

fn from(cert: Cert<'a>) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

§

impl<'a> Freeze for Cert<'a>

§

impl<'a> RefUnwindSafe for Cert<'a>

§

impl<'a> Send for Cert<'a>

§

impl<'a> Sync for Cert<'a>

§

impl<'a> Unpin for Cert<'a>

§

impl<'a> UnwindSafe for Cert<'a>

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.