Struct X509Builder
pub struct X509Builder(/* private fields */);
Expand description
A builder used to construct an X509
.
Implementations§
§impl X509Builder
impl X509Builder
pub fn new() -> Result<X509Builder, ErrorStack>
pub fn new() -> Result<X509Builder, ErrorStack>
Creates a new builder.
This corresponds to X509_new
.
pub fn set_not_after(
&mut self,
not_after: &Asn1TimeRef,
) -> Result<(), ErrorStack>
pub fn set_not_after( &mut self, not_after: &Asn1TimeRef, ) -> Result<(), ErrorStack>
Sets the notAfter constraint on the certificate.
This corresponds to X509_set1_notAfter
.
pub fn set_not_before(
&mut self,
not_before: &Asn1TimeRef,
) -> Result<(), ErrorStack>
pub fn set_not_before( &mut self, not_before: &Asn1TimeRef, ) -> Result<(), ErrorStack>
Sets the notBefore constraint on the certificate.
This corresponds to X509_set1_notBefore
.
pub fn set_version(&mut self, version: i32) -> Result<(), ErrorStack>
pub fn set_version(&mut self, version: i32) -> Result<(), ErrorStack>
Sets the version of the certificate.
Note that the version is zero-indexed; that is, a certificate corresponding to version 3 of
the X.509 standard should pass 2
to this method.
This corresponds to X509_set_version
.
pub fn set_serial_number(
&mut self,
serial_number: &Asn1IntegerRef,
) -> Result<(), ErrorStack>
pub fn set_serial_number( &mut self, serial_number: &Asn1IntegerRef, ) -> Result<(), ErrorStack>
Sets the serial number of the certificate.
This corresponds to X509_set_serialNumber
.
pub fn set_issuer_name(
&mut self,
issuer_name: &X509NameRef,
) -> Result<(), ErrorStack>
pub fn set_issuer_name( &mut self, issuer_name: &X509NameRef, ) -> Result<(), ErrorStack>
Sets the issuer name of the certificate.
This corresponds to X509_set_issuer_name
.
pub fn set_subject_name(
&mut self,
subject_name: &X509NameRef,
) -> Result<(), ErrorStack>
pub fn set_subject_name( &mut self, subject_name: &X509NameRef, ) -> Result<(), ErrorStack>
Sets the subject name of the certificate.
When building certificates, the C
, ST
, and O
options are common when using the openssl command line tools.
The CN
field is used for the common name, such as a DNS name.
use rama_boring::x509::{X509, X509NameBuilder};
let mut x509_name = rama_boring::x509::X509NameBuilder::new().unwrap();
x509_name.append_entry_by_text("C", "US").unwrap();
x509_name.append_entry_by_text("ST", "CA").unwrap();
x509_name.append_entry_by_text("O", "Some organization").unwrap();
x509_name.append_entry_by_text("CN", "www.example.com").unwrap();
let x509_name = x509_name.build();
let mut x509 = rama_boring::x509::X509::builder().unwrap();
x509.set_subject_name(&x509_name).unwrap();
This corresponds to X509_set_subject_name
.
pub fn set_pubkey<T>(&mut self, key: &PKeyRef<T>) -> Result<(), ErrorStack>where
T: HasPublic,
pub fn set_pubkey<T>(&mut self, key: &PKeyRef<T>) -> Result<(), ErrorStack>where
T: HasPublic,
Sets the public key associated with the certificate.
This corresponds to X509_set_pubkey
.
pub fn x509v3_context<'a>(
&'a self,
issuer: Option<&'a X509Ref>,
conf: Option<&'a ConfRef>,
) -> X509v3Context<'a>
pub fn x509v3_context<'a>( &'a self, issuer: Option<&'a X509Ref>, conf: Option<&'a ConfRef>, ) -> X509v3Context<'a>
Returns a context object which is needed to create certain X509 extension values.
Set issuer
to None
if the certificate will be self-signed.
This corresponds to X509V3_set_ctx
.
pub fn append_extension(
&mut self,
extension: X509Extension,
) -> Result<(), ErrorStack>
pub fn append_extension( &mut self, extension: X509Extension, ) -> Result<(), ErrorStack>
Adds an X509 extension value to the certificate.
This works just as append_extension
except it takes ownership of the X509Extension
.
pub fn append_extension2(
&mut self,
extension: &X509ExtensionRef,
) -> Result<(), ErrorStack>
pub fn append_extension2( &mut self, extension: &X509ExtensionRef, ) -> Result<(), ErrorStack>
Adds an X509 extension value to the certificate.
This corresponds to X509_add_ext
.
pub fn sign<T>(
&mut self,
key: &PKeyRef<T>,
hash: MessageDigest,
) -> Result<(), ErrorStack>where
T: HasPrivate,
pub fn sign<T>(
&mut self,
key: &PKeyRef<T>,
hash: MessageDigest,
) -> Result<(), ErrorStack>where
T: HasPrivate,
Signs the certificate with a private key.
This corresponds to X509_sign
.
Auto Trait Implementations§
impl Freeze for X509Builder
impl RefUnwindSafe for X509Builder
impl Send for X509Builder
impl Sync for X509Builder
impl Unpin for X509Builder
impl UnwindSafe for X509Builder
Blanket Implementations§
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<T> FutureExt for T
impl<T> FutureExt for T
§fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
§fn with_current_context(self) -> WithContext<Self> ⓘ
fn with_current_context(self) -> WithContext<Self> ⓘ
§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
§fn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
fn into_either(self, into_left: bool) -> Either<Self, Self> ⓘ
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self> ⓘ
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more§impl<T> Pointable for T
impl<T> Pointable for T
§impl<T> PolicyExt for Twhere
T: ?Sized,
impl<T> PolicyExt for Twhere
T: ?Sized,
§fn and<P, B, E>(self, other: P) -> And<T, P>
fn and<P, B, E>(self, other: P) -> And<T, P>
Policy
that returns Action::Follow
only if self
and other
return
Action::Follow
. Read more