Trait webpki::CertRevocationList

source ·
pub trait CertRevocationList: Sealed {
    // Required methods
    fn issuer(&self) -> &[u8] ;
    fn find_serial(
        &self,
        serial: &[u8],
    ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>;
    fn verify_signature(
        &self,
        supported_sig_algs: &[&SignatureAlgorithm],
        issuer_spki: &[u8],
    ) -> Result<(), Error>;
}
Expand description

Operations over a RFC 52801 profile Certificate Revocation List (CRL) required for revocation checking. Implemented by OwnedCertRevocationList and BorrowedCertRevocationList.

Required Methods§

source

fn issuer(&self) -> &[u8]

Return the DER encoded issuer of the CRL.

source

fn find_serial( &self, serial: &[u8], ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>

Try to find a revoked certificate in the CRL by DER encoded serial number. This may yield an error if the CRL has malformed revoked certificates.

source

fn verify_signature( &self, supported_sig_algs: &[&SignatureAlgorithm], issuer_spki: &[u8], ) -> Result<(), Error>

Verify the CRL signature using the issuer’s subject public key information (SPKI) and a list of supported signature algorithms.

Implementors§