Module rcgen

Re-export of the rcgen crate.

Structs

Attribute

A PKCS #10 CSR attribute, as defined in RFC 5280 and constrained by RFC 2986.

BmpString

ASN.1 BMPString type.

Certificate

An issued certificate together with the parameters used to generate it.

CertificateParams

Parameters used for certificate generation

CertificateRevocationList

A certificate revocation list (CRL)

CertificateRevocationListParams

Parameters used for certificate revocation list (CRL) generation

CertificateSigningRequest

A certificate signing request (CSR) that can be encoded to PEM or DER.

CertificateSigningRequestParams

Parameters for a certificate signing request

CertifiedKey

An issued certificate, together with the subject keypair.

CrlDistributionPoint

A certificate revocation list (CRL) distribution point, to be included in a certificate’s distribution points extension or a CRL’s issuing distribution point extension

CrlIssuingDistributionPoint

A certificate revocation list (CRL) issuing distribution point, to be included in a CRL’s issuing distribution point extension.

CustomExtension

A custom extension of a certificate, as specified in RFC 5280

DistinguishedName

Distinguished name used e.g. for the issuer and subject fields of a certificate

DistinguishedNameIterator

Iterator over DistinguishedName entries

Ia5String

ASN.1 IA5String type.

KeyPair

A key pair used to sign certificates and CSRs

NameConstraints

The NameConstraints extension (only relevant for CA certificates)

PrintableString

ASN.1 PrintableString type.

PublicKey

A public key, extracted from a CSR

RevokedCertParams

Parameters used for describing a revoked certificate included in a CertificateRevocationList.

SerialNumber

A certificate serial number.

SignatureAlgorithm

Signature algorithm type

SubjectPublicKeyInfo

A public key

TeletexString

ASN.1 TeletexString type.

UniversalString

ASN.1 UniversalString type.

Enums

BasicConstraints

The path length constraint (only relevant for CA certificates)

CidrSubnet

CIDR subnet, as per RFC 4632

CrlScope

Describes the scope of a CRL for an issuing distribution point extension.

DnType

The attribute type of a distinguished name entry

DnValue

A distinguished name entry

Error

The error type of the rcgen crate

ExtendedKeyUsagePurpose

One of the purposes contained in the extended key usage extension

GeneralSubtree

General Subtree type.

InvalidAsn1String

Invalid ASN.1 string type

IsCa

Whether the certificate is allowed to sign other certificates

KeyIdMethod

Method to generate key identifiers from public keys.

KeyUsagePurpose

One of the purposes contained in the key usage extension

OtherNameValue

An OtherName value, defined in RFC 5280§4.1.2.4.

RevocationReason

Identifies the reason a certificate was revoked. See RFC 5280 §5.3.1

RsaKeySize

The key size used for RSA key generation

SanType

The type of subject alt name

Statics

PKCS_ECDSA_P256_SHA256

ECDSA signing using the P-256 curves and SHA-256 hashing as per RFC 5758

PKCS_ECDSA_P384_SHA384

ECDSA signing using the P-384 curves and SHA-384 hashing as per RFC 5758

PKCS_ECDSA_P521_SHA512

ECDSA signing using the P-521 curves and SHA-512 hashing as per RFC 5758 Currently this is only supported with the aws_lc_rs feature

PKCS_ED25519

ED25519 curve signing as per RFC 8410

PKCS_RSA_SHA256

RSA signing with PKCS#1 1.5 padding and SHA-256 hashing as per RFC 4055

PKCS_RSA_SHA384

RSA signing with PKCS#1 1.5 padding and SHA-256 hashing as per RFC 4055

PKCS_RSA_SHA512

RSA signing with PKCS#1 1.5 padding and SHA-512 hashing as per RFC 4055

Traits

PublicKeyData

The public key data of a key pair

RemoteKeyPair

A private key that is not directly accessible, but can be used to sign messages

Functions

date_time_ymd

Helper to obtain an OffsetDateTime from year, month, day values

generate_simple_self_signed

KISS function to generate a self signed certificate

Type Aliases

RcgenErrorDeprecated

Type-alias for the old name of Error.