PkiEnvironment

Struct PkiEnvironment 

pub struct PkiEnvironment { /* private fields */ }

Implementations§


impl PkiEnvironment


pub fn decode_pem_cert(pem: String) -> RustyX509CheckResult<Certificate>


pub fn decode_der_crl(crl_der: Vec<u8>) -> RustyX509CheckResult<CertificateList>


pub fn extract_ski_aki_from_cert( cert: &Certificate, ) -> RustyX509CheckResult<(String, Option<String>)>


pub fn encode_cert_to_der(cert: &Certificate) -> RustyX509CheckResult<Vec<u8>>


pub fn encode_crl_to_der(crl: &CertificateList) -> RustyX509CheckResult<Vec<u8>>


pub fn init( params: PkiEnvironmentParams<'_>, ) -> RustyX509CheckResult<PkiEnvironment>

Initializes a certval PkiEnvironment using the provided params


pub fn set_time_of_interest(&mut self, toi: u64)

Overrides TIME_OF_INTEREST so that certificates are verified as of a given moment in the past or future.


pub fn refresh_time_of_interest(&mut self) -> RustyX509CheckResult<()>

Updates the TIME_OF_INTEREST for certificate checks to the current time.


pub fn validate_trust_anchor_cert( &self, cert: &Certificate, ) -> RustyX509CheckResult<()>


pub fn validate_crl(&self, crl: &CertificateList) -> RustyX509CheckResult<()>

👎Deprecated: Do not use this method. It re-encodes the DER representation of the CRL, which causes spurious verification failures. Use validate_crl_with_raw, which takes the raw CRL bytes, instead.

pub fn validate_crl_with_raw( &self, crl_raw: &[u8], ) -> RustyX509CheckResult<CertificateList>


pub fn validate_cert( &self, end_identity_cert: &Certificate, ) -> RustyX509CheckResult<()>


pub fn validate_cert_and_revocation( &self, end_identity_cert: &Certificate, ) -> RustyX509CheckResult<()>

Methods from Deref<Target = PkiEnvironment>§

pub fn clear_all_callbacks(&mut self)

clear_all_callbacks clears the contents of all function pointer and trait object vectors associated with an instance of [PkiEnvironment].

pub fn add_validate_path_callback( &mut self, c: fn(&PkiEnvironment, &BTreeMap<String, CertificationPathProcessingTypes>, &mut CertificationPath, &mut BTreeMap<&'static str, CertificationPathResultsTypes>) -> Result<(), Error>, )

add_validate_path_callback adds a [ValidatePath] callback to the list used by validate_path.

pub fn clear_validate_path_callbacks(&mut self)

clear_validate_path_callbacks clears the list of [ValidatePath] callbacks used by validate_path.

pub fn validate_path( &self, pe: &PkiEnvironment, cps: &BTreeMap<String, CertificationPathProcessingTypes>, cp: &mut CertificationPath, cpr: &mut BTreeMap<&'static str, CertificationPathResultsTypes>, ) -> Result<(), Error>

validate_path iterates over validate_path_callbacks until an authoritative answer is found or all options have been exhausted

pub fn add_calculate_hash_callback( &mut self, c: fn(&PkiEnvironment, &AlgorithmIdentifier<Any>, &[u8]) -> Result<Vec<u8>, Error>, )

add_calculate_hash_callback adds a [CalculateHash] callback to the list used by calculate_hash.

pub fn clear_calculate_hash_callbacks(&mut self)

clear_calculate_hash_callbacks clears the list of [CalculateHash] callbacks used by calculate_hash.

pub fn calculate_hash( &self, pe: &PkiEnvironment, hash_alg: &AlgorithmIdentifier<Any>, buffer_to_hash: &[u8], ) -> Result<Vec<u8>, Error>

calculate_hash iterates over calculate_hash_callbacks until an authoritative answer is found or all options have been exhausted

pub fn add_verify_signature_digest_callback( &mut self, c: fn(&PkiEnvironment, &[u8], &[u8], &AlgorithmIdentifier<Any>, &SubjectPublicKeyInfo<Any, BitString>) -> Result<(), Error>, )

add_verify_signature_digest_callback adds a [VerifySignatureDigest] callback to the list used by verify_signature_digest.

pub fn clear_verify_signature_digest_callbacks(&mut self)

clear_verify_signature_digest_callbacks clears the list of [VerifySignatureDigest] callbacks used by verify_signature_digest.

pub fn verify_signature_digest( &self, pe: &PkiEnvironment, hash_to_verify: &[u8], signature: &[u8], signature_alg: &AlgorithmIdentifier<Any>, spki: &SubjectPublicKeyInfo<Any, BitString>, ) -> Result<(), Error>

verify_signature_digest iterates over verify_signature_digest_callbacks until an authoritative answer is found or all options have been exhausted

pub fn add_verify_signature_message_callback( &mut self, c: fn(&PkiEnvironment, &[u8], &[u8], &AlgorithmIdentifier<Any>, &SubjectPublicKeyInfo<Any, BitString>) -> Result<(), Error>, )

add_verify_signature_message_callback adds a [VerifySignatureMessage] callback to the list used by verify_signature_message.

pub fn clear_verify_signature_message_callbacks(&mut self)

clear_verify_signature_message_callbacks clears the list of [VerifySignatureMessage] callbacks used by verify_signature_message.

pub fn verify_signature_message( &self, pe: &PkiEnvironment, message_to_verify: &[u8], signature: &[u8], signature_alg: &AlgorithmIdentifier<Any>, spki: &SubjectPublicKeyInfo<Any, BitString>, ) -> Result<(), Error>

verify_signature_message iterates over verify_signature_message_callbacks until an authoritative answer is found or all options have been exhausted

pub fn add_trust_anchor_source( &mut self, c: Box<dyn TrustAnchorSource + Send + Sync>, )

add_trust_anchor_source adds a [TrustAnchorSource] object to the list used by get_trust_anchor.

pub fn clear_trust_anchor_sources(&mut self)

clear_trust_anchor_sources clears the list of [TrustAnchorSource] objects used by get_trust_anchor.

pub fn get_trust_anchor( &self, skid: &[u8], ) -> Result<&PDVTrustAnchorChoice, Error>

get_trust_anchor iterates over trust_anchor_sources until an authoritative answer is found or all options have been exhausted

pub fn get_trust_anchors(&self) -> Result<Vec<&PDVTrustAnchorChoice>, Error>

get_trust_anchors iterates over trust_anchor_sources until an authoritative answer is found or all options have been exhausted

pub fn get_trust_anchor_by_hex_skid( &self, hex_skid: &str, ) -> Result<&PDVTrustAnchorChoice, Error>

get_trust_anchor_by_hex_skid returns a reference to a trust anchor corresponding to the presented hexadecimal SKID.

pub fn get_trust_anchor_for_target( &self, target: &PDVCertificate, ) -> Result<&PDVTrustAnchorChoice, Error>

get_trust_anchor_for_target takes a target certificate and returns a trust anchor that may be useful in verifying the certificate.

pub fn get_trust_anchor_by_name( &self, name: &RdnSequence, ) -> Result<&PDVTrustAnchorChoice, Error>

Retrieves a trust anchor for a given Name

pub fn get_cert_by_name(&self, name: &RdnSequence) -> Vec<&PDVCertificate>

Retrieves a set of certificates from certificate sources (i.e. intermediate CAs) matching a certain name

pub fn is_cert_a_trust_anchor( &self, target: &PDVCertificate, ) -> Result<(), Error>

is_cert_a_trust_anchor takes a target certificate and indicates whether it is a trust anchor.

pub fn is_trust_anchor( &self, target: &PDVTrustAnchorChoice, ) -> Result<(), Error>

is_trust_anchor takes a [PDVTrustAnchorChoice] and indicates whether it is a trust anchor.

pub fn add_certificate_source( &mut self, c: Box<dyn CertificateSource + Send + Sync>, )

add_certificate_source adds a [CertificateSource] object to the list.

pub fn clear_certificate_sources(&mut self)

clear_certificate_sources clears the list of [CertificateSource] objects.

pub fn get_intermediates(&self) -> Result<Vec<&PDVCertificate>, Error>

Returns all the intermediate certificates.

pub fn get_intermediates_by_skid( &self, skid: &[u8], ) -> Result<Vec<&PDVCertificate>, Error>

Fetches all intermediate certs matching a particular skid

pub fn add_crl_source(&mut self, c: Box<dyn CrlSource + Send + Sync>)

add_crl_source adds a [CrlSource] object to the list.

pub fn clear_crl_sources(&mut self)

clear_crl_sources clears the list of [CrlSource] objects.

pub fn get_all_crls(&self) -> Result<Vec<Vec<u8>>, Error>

Retrieves all the CRLs made available by the various [CrlSource] objects

pub fn get_crls(&self, cert: &PDVCertificate) -> Result<Vec<Vec<u8>>, Error>

Retrieves CRLs for given certificate from store

pub fn add_crl( &self, crl_buf: &[u8], crl: &CertificateList, uri: &str, ) -> Result<(), Error>

Adds a CRL to the store

pub fn add_revocation_cache( &mut self, c: Box<dyn RevocationStatusCache + Send + Sync>, )

add_revocation_cache adds a [RevocationStatusCache] object to the list.

pub fn clear_revocation_cache(&mut self)

clear_revocation_cache clears the list of [RevocationStatusCache] objects.

pub fn get_status( &self, cert: &PDVCertificate, time_of_interest: u64, ) -> PathValidationStatus

Retrieves cached revocation status determination for given certificate from store

pub fn add_status( &self, cert: &PDVCertificate, next_update: u64, status: PathValidationStatus, )

Adds a cached revocation status determination to the store

pub fn get_paths_for_target( &self, pe: &PkiEnvironment, target: &PDVCertificate, paths: &mut Vec<CertificationPath>, threshold: usize, time_of_interest: u64, ) -> Result<(), Error>

get_paths_for_target takes a target certificate and a source for trust anchors and returns a vector of [CertificationPath] objects.

pub fn add_oid_lookup( &mut self, c: fn(&ObjectIdentifier) -> Result<String, Error>, )

add_oid_lookup adds an oid_lookup callback to the list used by oid_lookup.

pub fn clear_oid_lookups(&mut self)

clear_oid_lookups clears the list of oid_lookup callbacks used by oid_lookup.

pub fn oid_lookup(&self, oid: &ObjectIdentifier) -> String

oid_lookup takes an [ObjectIdentifier] and returns either a friendly name for the OID or the OID represented in dot notation.

pub fn add_check_remote( &mut self, c: Box<dyn CheckRemoteResource + Send + Sync>, )

add_check_remote adds a [CheckRemoteResource] object to the list.

pub fn clear_check_remote_callbacks(&mut self)

clear_check_remote_callbacks clears the list of [CheckRemoteResource] objects.

pub fn get_last_modified(&self, uri: &str) -> Option<String>

get_last_modified takes a URI and returns stored last modified value or None.

pub fn set_last_modified(&self, uri: &str, last_modified: &str)

Save last modified value, if desired

pub fn check_blocklist(&self, uri: &str) -> bool

check_blocklist takes a URI and returns true if it is on the blocklist and false otherwise.

pub fn add_to_blocklist(&self, uri: &str)

Saves the URI to the blocklist, if desired.

Trait Implementations§


impl Debug for PkiEnvironment


fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl Deref for PkiEnvironment


type Target = PkiEnvironment

The resulting type after dereferencing.

fn deref(&self) -> &Self::Target

Dereferences the value.

impl DerefMut for PkiEnvironment


fn deref_mut(&mut self) -> &mut Self::Target

Mutably dereferences the value.

Auto Trait Implementations§

Blanket Implementations§


impl<T> Any for T
where T: 'static + ?Sized,


fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,


fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,


fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T


fn from(t: T) -> T

Returns the argument unchanged.


impl<T, U> Into<U> for T
where U: From<T>,


fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.


impl<P, T> Receiver for P
where P: Deref<Target = T> + ?Sized, T: ?Sized,


type Target = T

🔬This is a nightly-only experimental API. (arbitrary_self_types)
The target type on which the method may be called.

impl<T> Same for T


type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,


type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,


type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,


fn vzip(self) -> V


impl<T> ErasedDestructor for T
where T: 'static,


impl<T> MaybeSendSync for T