Struct CertificateRevocationList
pub struct CertificateRevocationList { /* private fields */ }
Expand description
A certificate revocation list (CRL)
§Example
extern crate rcgen;
use rcgen::*;
#[cfg(not(feature = "crypto"))]
struct MyKeyPair { public_key: Vec<u8> }
#[cfg(not(feature = "crypto"))]
impl SigningKey for MyKeyPair {
fn sign(&self, _: &[u8]) -> Result<Vec<u8>, rcgen::Error> { Ok(vec![]) }
}
#[cfg(not(feature = "crypto"))]
impl PublicKeyData for MyKeyPair {
fn der_bytes(&self) -> &[u8] { &self.public_key }
fn algorithm(&self) -> &'static SignatureAlgorithm { &PKCS_ED25519 }
}
// Generate a CRL issuer.
let mut issuer_params = CertificateParams::new(vec!["crl.issuer.example.com".to_string()]).unwrap();
issuer_params.serial_number = Some(SerialNumber::from(9999));
issuer_params.is_ca = IsCa::Ca(BasicConstraints::Unconstrained);
issuer_params.key_usages = vec![KeyUsagePurpose::KeyCertSign, KeyUsagePurpose::DigitalSignature, KeyUsagePurpose::CrlSign];
#[cfg(feature = "crypto")]
let key_pair = KeyPair::generate().unwrap();
#[cfg(not(feature = "crypto"))]
let key_pair = MyKeyPair { public_key: vec![] };
let issuer = Issuer::new(issuer_params, key_pair);
// Describe a revoked certificate.
let revoked_cert = RevokedCertParams{
serial_number: SerialNumber::from(9999),
revocation_time: date_time_ymd(2024, 06, 17),
reason_code: Some(RevocationReason::KeyCompromise),
invalidity_date: None,
};
// Create a CRL signed by the issuer, revoking revoked_cert.
let crl = CertificateRevocationListParams{
this_update: date_time_ymd(2023, 06, 17),
next_update: date_time_ymd(2024, 06, 17),
crl_number: SerialNumber::from(1234),
issuing_distribution_point: None,
revoked_certs: vec![revoked_cert],
#[cfg(feature = "crypto")]
key_identifier_method: KeyIdMethod::Sha256,
#[cfg(not(feature = "crypto"))]
key_identifier_method: KeyIdMethod::PreSpecified(vec![]),
}.signed_by(&issuer).unwrap();
Implementations§
§impl CertificateRevocationList
impl CertificateRevocationList
pub fn der(&self) -> &CertificateRevocationListDer<'static>
pub fn der(&self) -> &CertificateRevocationListDer<'static>
Get the CRL in DER encoded format.
CertificateRevocationListDer
implements Deref<Target = [u8]>
and AsRef<[u8]>
,
so you can easily extract the DER bytes from the return value.
Trait Implementations§
§impl Clone for CertificateRevocationList
impl Clone for CertificateRevocationList
§fn clone(&self) -> CertificateRevocationList
fn clone(&self) -> CertificateRevocationList
Returns a duplicate of the value. Read more
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source
. Read more§impl Debug for CertificateRevocationList
impl Debug for CertificateRevocationList
§impl From<CertificateRevocationList> for CertificateRevocationListDer<'static>
impl From<CertificateRevocationList> for CertificateRevocationListDer<'static>
§fn from(crl: CertificateRevocationList) -> CertificateRevocationListDer<'static>
fn from(crl: CertificateRevocationList) -> CertificateRevocationListDer<'static>
Converts to this type from the input type.
§impl PartialEq for CertificateRevocationList
impl PartialEq for CertificateRevocationList
impl Eq for CertificateRevocationList
impl StructuralPartialEq for CertificateRevocationList
Auto Trait Implementations§
impl Freeze for CertificateRevocationList
impl RefUnwindSafe for CertificateRevocationList
impl Send for CertificateRevocationList
impl Sync for CertificateRevocationList
impl Unpin for CertificateRevocationList
impl UnwindSafe for CertificateRevocationList
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
Compare self to
key
and return true
if they are equal.§impl<T> FutureExt for T
impl<T> FutureExt for T
§fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
§fn with_current_context(self) -> WithContext<Self> ⓘ
fn with_current_context(self) -> WithContext<Self> ⓘ
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
§fn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
Converts
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
Converts
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more§impl<T> Pointable for T
impl<T> Pointable for T
§impl<T> PolicyExt for Twhere
T: ?Sized,
impl<T> PolicyExt for Twhere
T: ?Sized,
§fn and<P, B, E>(self, other: P) -> And<T, P>
fn and<P, B, E>(self, other: P) -> And<T, P>
Create a new
Policy
that returns Action::Follow
only if self
and other
return
Action::Follow
. Read more