Struct X509
pub struct X509(/* private fields */);
Expand description
An X509
public key certificate.
Implementations§
§impl X509
impl X509
pub fn builder() -> Result<X509Builder, ErrorStack>
pub fn builder() -> Result<X509Builder, ErrorStack>
Returns a new builder.
pub fn from_pem(pem: &[u8]) -> Result<X509, ErrorStack>
pub fn from_pem(pem: &[u8]) -> Result<X509, ErrorStack>
Deserializes a PEM-encoded X509 structure.
The input should have a header of -----BEGIN CERTIFICATE-----
.
This corresponds to PEM_read_bio_X509
.
pub fn from_der(der: &[u8]) -> Result<X509, ErrorStack>
pub fn from_der(der: &[u8]) -> Result<X509, ErrorStack>
Deserializes a DER-encoded X509 structure.
This corresponds to d2i_X509
.
pub fn stack_from_pem(pem: &[u8]) -> Result<Vec<X509>, ErrorStack>
pub fn stack_from_pem(pem: &[u8]) -> Result<Vec<X509>, ErrorStack>
Deserializes a list of PEM-formatted certificates.
This corresponds to PEM_read_bio_X509
.
Methods from Deref<Target = X509Ref>§
pub fn subject_name(&self) -> &X509NameRef
pub fn subject_name(&self) -> &X509NameRef
Returns this certificate’s subject name.
This corresponds to X509_get_subject_name
.
pub fn subject_name_hash(&self) -> u32
pub fn subject_name_hash(&self) -> u32
Returns the hash of the certificates subject
This corresponds to X509_subject_name_hash
.
pub fn subject_alt_names(&self) -> Option<Stack<GeneralName>>
pub fn subject_alt_names(&self) -> Option<Stack<GeneralName>>
Returns this certificate’s subject alternative name entries, if they exist.
This corresponds to X509_get_ext_d2i
.
pub fn issuer_name(&self) -> &X509NameRef
pub fn issuer_name(&self) -> &X509NameRef
Returns this certificate’s issuer name.
This corresponds to X509_get_issuer_name
.
pub fn issuer_alt_names(&self) -> Option<Stack<GeneralName>>
pub fn issuer_alt_names(&self) -> Option<Stack<GeneralName>>
Returns this certificate’s issuer alternative name entries, if they exist.
This corresponds to X509_get_ext_d2i
.
pub fn subject_key_id(&self) -> Option<&Asn1StringRef>
pub fn subject_key_id(&self) -> Option<&Asn1StringRef>
Returns this certificate’s subject key id, if it exists.
This corresponds to X509_get0_subject_key_id
.
Returns this certificate’s authority key id, if it exists.
This corresponds to X509_get0_authority_key_id
.
pub fn public_key(&self) -> Result<PKey<Public>, ErrorStack>
pub fn public_key(&self) -> Result<PKey<Public>, ErrorStack>
This corresponds to X509_get_pubkey
.
pub fn digest(
&self,
hash_type: MessageDigest,
) -> Result<DigestBytes, ErrorStack>
pub fn digest( &self, hash_type: MessageDigest, ) -> Result<DigestBytes, ErrorStack>
Returns a digest of the DER representation of the certificate.
This corresponds to X509_digest
.
pub fn fingerprint( &self, hash_type: MessageDigest, ) -> Result<Vec<u8>, ErrorStack>
pub fn not_after(&self) -> &Asn1TimeRef
pub fn not_after(&self) -> &Asn1TimeRef
Returns the certificate’s Not After validity period.
This corresponds to X509_getm_notAfter
.
pub fn not_before(&self) -> &Asn1TimeRef
pub fn not_before(&self) -> &Asn1TimeRef
Returns the certificate’s Not Before validity period.
This corresponds to X509_getm_notBefore
.
pub fn signature(&self) -> &Asn1BitStringRef
pub fn signature(&self) -> &Asn1BitStringRef
Returns the certificate’s signature
This corresponds to X509_get0_signature
.
pub fn signature_algorithm(&self) -> &X509AlgorithmRef
pub fn signature_algorithm(&self) -> &X509AlgorithmRef
Returns the certificate’s signature algorithm.
This corresponds to X509_get0_signature
.
pub fn ocsp_responders(&self) -> Result<Stack<OpensslString>, ErrorStack>
pub fn ocsp_responders(&self) -> Result<Stack<OpensslString>, ErrorStack>
Returns the list of OCSP responder URLs specified in the certificate’s Authority Information Access field.
This corresponds to X509_get1_ocsp
.
pub fn issued(&self, subject: &X509Ref) -> Result<(), X509VerifyError>
pub fn issued(&self, subject: &X509Ref) -> Result<(), X509VerifyError>
Checks that this certificate issued subject
.
This corresponds to X509_check_issued
.
pub fn verify<T>(&self, key: &PKeyRef<T>) -> Result<bool, ErrorStack>where
T: HasPublic,
pub fn verify<T>(&self, key: &PKeyRef<T>) -> Result<bool, ErrorStack>where
T: HasPublic,
Check if the certificate is signed using the given public key.
Only the signature is checked: no other checks (such as certificate chain validity) are performed.
Returns true
if verification succeeds.
This corresponds to X509_verify
.
pub fn serial_number(&self) -> &Asn1IntegerRef
pub fn serial_number(&self) -> &Asn1IntegerRef
Returns this certificate’s serial number.
This corresponds to X509_get_serialNumber
.
pub fn check_host(&self, host: &str) -> Result<bool, ErrorStack>
pub fn to_pem(&self) -> Result<Vec<u8>, ErrorStack>
pub fn to_pem(&self) -> Result<Vec<u8>, ErrorStack>
Serializes the certificate into a PEM-encoded X509 structure.
The output will have a header of -----BEGIN CERTIFICATE-----
.
This corresponds to PEM_write_bio_X509
.
Trait Implementations§
§impl BorrowMut<X509Ref> for X509
impl BorrowMut<X509Ref> for X509
§fn borrow_mut(&mut self) -> &mut X509Ref
fn borrow_mut(&mut self) -> &mut X509Ref
§impl ForeignType for X509
impl ForeignType for X509
§impl RamaTryFrom<&X509> for DataEncoding
impl RamaTryFrom<&X509> for DataEncoding
type Error = OpaqueError
fn rama_try_from( value: &X509, ) -> Result<DataEncoding, <DataEncoding as RamaTryFrom<&X509>>::Error>
impl Send for X509
impl Sync for X509
Auto Trait Implementations§
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
§impl<T> FutureExt for T
impl<T> FutureExt for T
§fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
§fn with_current_context(self) -> WithContext<Self> ⓘ
fn with_current_context(self) -> WithContext<Self> ⓘ
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
§fn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more§impl<T> Pointable for T
impl<T> Pointable for T
§impl<T> PolicyExt for Twhere
T: ?Sized,
impl<T> PolicyExt for Twhere
T: ?Sized,
§fn and<P, B, E>(self, other: P) -> And<T, P>
fn and<P, B, E>(self, other: P) -> And<T, P>
Policy
that returns Action::Follow
only if self
and other
return
Action::Follow
. Read more