Trait X509CertificateVisitor
pub trait X509CertificateVisitor {
Show 35 methods
// Provided methods
fn walk(&mut self, x509: &X509Certificate<'_>)
where Self: Sized { ... }
fn visit_tbs_certificate(&mut self, _tbs: &TbsCertificate<'_>) { ... }
fn visit_signature_algorithm(
&mut self,
_algorithm: &AlgorithmIdentifier<'_>,
) { ... }
fn visit_signature_value(&mut self, _signature: &BitString<'_>) { ... }
fn visit_version(&mut self, _version: &X509Version) { ... }
fn visit_serial_number(&mut self, _serial: &[u8]) { ... }
fn visit_tbs_signature_algorithm(
&mut self,
_algorithm: &AlgorithmIdentifier<'_>,
) { ... }
fn visit_issuer(&mut self, _name: &X509Name<'_>) { ... }
fn visit_validity(&mut self, _validity: &Validity) { ... }
fn visit_subject(&mut self, _name: &X509Name<'_>) { ... }
fn visit_subject_public_key_info(
&mut self,
_subject_pki: &SubjectPublicKeyInfo<'_>,
) { ... }
fn visit_issuer_unique_id(&mut self, _id: Option<&UniqueIdentifier<'_>>) { ... }
fn visit_subject_unique_id(&mut self, _id: Option<&UniqueIdentifier<'_>>) { ... }
fn pre_visit_extensions(&mut self, _extensions: &[X509Extension<'_>]) { ... }
fn visit_extension(&mut self, _extension: &X509Extension<'_>) { ... }
fn post_visit_extensions(&mut self, _extensions: &[X509Extension<'_>]) { ... }
fn visit_extension_aki(&mut self, _aki: &AuthorityKeyIdentifier<'_>) { ... }
fn visit_extension_ski(&mut self, _id: &KeyIdentifier<'_>) { ... }
fn visit_extension_key_usage(&mut self, _usage: &KeyUsage) { ... }
fn visit_extension_certificate_policies(
&mut self,
_policies: &Vec<PolicyInformation<'_>>,
) { ... }
fn visit_extension_subject_alternative_name(
&mut self,
_san: &SubjectAlternativeName<'_>,
) { ... }
fn visit_extension_issuer_alternative_name(
&mut self,
_ian: &IssuerAlternativeName<'_>,
) { ... }
fn visit_extension_basic_constraints(&mut self, _bc: &BasicConstraints) { ... }
fn visit_extension_name_constraints(
&mut self,
_constraints: &NameConstraints<'_>,
) { ... }
fn visit_extension_nscert_comment(&mut self, _nscert_comment: &str) { ... }
fn visit_extension_nscert_type(&mut self, _nscert_type: &NSCertType) { ... }
fn visit_extension_policy_constraints(
&mut self,
_constraints: &PolicyConstraints,
) { ... }
fn visit_extension_policy_mappings(
&mut self,
_mappings: &PolicyMappings<'_>,
) { ... }
fn visit_extension_extended_key_usage(
&mut self,
_usage: &ExtendedKeyUsage<'_>,
) { ... }
fn visit_extension_crl_distribution_points(
&mut self,
_crl: &CRLDistributionPoints<'_>,
) { ... }
fn visit_extension_inhibit_anypolicy(&mut self, _policy: &InhibitAnyPolicy) { ... }
fn visit_extension_authority_information_access(
&mut self,
_info: &AuthorityInfoAccess<'_>,
) { ... }
fn visit_extension_sct(&mut self, _sct: &[SignedCertificateTimestamp<'_>]) { ... }
fn visit_extension_unknown(&mut self, _ext: &X509Extension<'_>) { ... }
fn visit_extension_parse_error(
&mut self,
_extension: &X509Extension<'_>,
_error: &Err<Error>,
) { ... }
}rustls only.Expand description
Visitor pattern for X509Certificate
§Extensions
Visitor methods are provided for extensions, both in a generic way (receiving a X509Extension
object) and in a specific way for standard extensions (for ex, visit_extension_aki receives a
AuthorityKeyIdentifier).
For a specific method to be called, the extension OID must be correct and the extension must be successfully parsed as the specific type.
A specific method can be called multiple times, if the extension is present multiple times.
Extension parsing methods are redundant. This is not a problem because default methods do nothing,
but if a trait implementation provides several visit_extension... methods it must be aware
that it will visit the same extension multiple times.
§Example
use x509_parser::prelude::*;
use x509_parser::visitor::X509CertificateVisitor;
#[derive(Debug, Default)]
struct SubjectIssuerVisitor {
issuer: String,
subject: String,
is_ca: bool,
}
impl X509CertificateVisitor for SubjectIssuerVisitor {
fn visit_issuer(&mut self, name: &X509Name<'_>) {
self.issuer = name.to_string();
}
fn visit_subject(&mut self, name: &X509Name<'_>) {
self.subject = name.to_string();
}
fn visit_extension_basic_constraints(&mut self, bc: &BasicConstraints) {
self.is_ca = bc.ca;
}
}Provided Methods§
fn walk(&mut self, x509: &X509Certificate<'_>)where
Self: Sized,
fn walk(&mut self, x509: &X509Certificate<'_>)where
Self: Sized,
Run the provided visitor (self) over the X509Certificate object
fn visit_tbs_certificate(&mut self, _tbs: &TbsCertificate<'_>)
fn visit_tbs_certificate(&mut self, _tbs: &TbsCertificate<'_>)
Invoked for the “TBSCertificate” field of the X.509 Certificate, before visiting children
fn visit_signature_algorithm(&mut self, _algorithm: &AlgorithmIdentifier<'_>)
fn visit_signature_algorithm(&mut self, _algorithm: &AlgorithmIdentifier<'_>)
Invoked for the “signatureAlgorithm” field of the X.509 Certificate
Note: this is the “signatureAlgorithm” in the “Certificate” sequence. According to the specifications, it should be equal to “signature” field from the “TBSCertificate” sequence.
fn visit_signature_value(&mut self, _signature: &BitString<'_>)
fn visit_signature_value(&mut self, _signature: &BitString<'_>)
Invoked for the “signatureValue” field of the TBSCertificate
fn visit_version(&mut self, _version: &X509Version)
fn visit_version(&mut self, _version: &X509Version)
Invoked for the “version” field of the TBSCertificate
fn visit_serial_number(&mut self, _serial: &[u8])
fn visit_serial_number(&mut self, _serial: &[u8])
Invoked for the “serialNumber” field of the TBSCertificate
fn visit_tbs_signature_algorithm(
&mut self,
_algorithm: &AlgorithmIdentifier<'_>,
)
fn visit_tbs_signature_algorithm( &mut self, _algorithm: &AlgorithmIdentifier<'_>, )
Invoked for the “signature” field of the TBSCertificate
Note: this is the “signature” field from the “TBSCertificate” sequence. According to the specifications, it should be equal to “signatureAlgorithm” in the “Certificate” sequence.
fn visit_issuer(&mut self, _name: &X509Name<'_>)
fn visit_issuer(&mut self, _name: &X509Name<'_>)
Invoked for the “issuer” field of the TBSCertificate
fn visit_validity(&mut self, _validity: &Validity)
fn visit_validity(&mut self, _validity: &Validity)
Invoked for the “validity” field of the TBSCertificate
fn visit_subject(&mut self, _name: &X509Name<'_>)
fn visit_subject(&mut self, _name: &X509Name<'_>)
Invoked for the “subject” field of the TBSCertificate
fn visit_subject_public_key_info(
&mut self,
_subject_pki: &SubjectPublicKeyInfo<'_>,
)
fn visit_subject_public_key_info( &mut self, _subject_pki: &SubjectPublicKeyInfo<'_>, )
Invoked for the “subjectPublicKeyInfo” field of the TBSCertificate
fn visit_issuer_unique_id(&mut self, _id: Option<&UniqueIdentifier<'_>>)
fn visit_issuer_unique_id(&mut self, _id: Option<&UniqueIdentifier<'_>>)
Invoked for the “issuerUniqueID” field of the TBSCertificate
fn visit_subject_unique_id(&mut self, _id: Option<&UniqueIdentifier<'_>>)
fn visit_subject_unique_id(&mut self, _id: Option<&UniqueIdentifier<'_>>)
Invoked for the “subjectUniqueID” field of the TBSCertificate
fn pre_visit_extensions(&mut self, _extensions: &[X509Extension<'_>])
fn pre_visit_extensions(&mut self, _extensions: &[X509Extension<'_>])
Invoked for extensions, before visiting children
fn visit_extension(&mut self, _extension: &X509Extension<'_>)
fn visit_extension(&mut self, _extension: &X509Extension<'_>)
Invoked for any extension that appear in the X.509 Certificate
Note: this method may be redundant with any other extension visitor method
fn post_visit_extensions(&mut self, _extensions: &[X509Extension<'_>])
fn post_visit_extensions(&mut self, _extensions: &[X509Extension<'_>])
Invoked for extensions, after visiting children
fn visit_extension_aki(&mut self, _aki: &AuthorityKeyIdentifier<'_>)
fn visit_extension_aki(&mut self, _aki: &AuthorityKeyIdentifier<'_>)
Invoked for the “Authority Key Identifier” extension (if present)
fn visit_extension_ski(&mut self, _id: &KeyIdentifier<'_>)
fn visit_extension_ski(&mut self, _id: &KeyIdentifier<'_>)
Invoked for the “Subject Key Identifier” extension (if present)
fn visit_extension_key_usage(&mut self, _usage: &KeyUsage)
fn visit_extension_key_usage(&mut self, _usage: &KeyUsage)
Invoked for the “Key Usage” extension (if present)
fn visit_extension_certificate_policies(
&mut self,
_policies: &Vec<PolicyInformation<'_>>,
)
fn visit_extension_certificate_policies( &mut self, _policies: &Vec<PolicyInformation<'_>>, )
Invoked for the “Certificate Policies” extension (if present)
fn visit_extension_subject_alternative_name(
&mut self,
_san: &SubjectAlternativeName<'_>,
)
fn visit_extension_subject_alternative_name( &mut self, _san: &SubjectAlternativeName<'_>, )
Invoked for the “Subject Alternative Name” extension (if present)
fn visit_extension_issuer_alternative_name(
&mut self,
_ian: &IssuerAlternativeName<'_>,
)
fn visit_extension_issuer_alternative_name( &mut self, _ian: &IssuerAlternativeName<'_>, )
Invoked for the “Issuer Alternative Name” extension (if present)
fn visit_extension_basic_constraints(&mut self, _bc: &BasicConstraints)
fn visit_extension_basic_constraints(&mut self, _bc: &BasicConstraints)
Invoked for the “Basic Constraints” extension (if present)
fn visit_extension_name_constraints(
&mut self,
_constraints: &NameConstraints<'_>,
)
fn visit_extension_name_constraints( &mut self, _constraints: &NameConstraints<'_>, )
Invoked for the “Name Constraints” extension (if present)
fn visit_extension_nscert_comment(&mut self, _nscert_comment: &str)
fn visit_extension_nscert_comment(&mut self, _nscert_comment: &str)
Invoked for the “Name Constraints” extension (if present)
fn visit_extension_nscert_type(&mut self, _nscert_type: &NSCertType)
fn visit_extension_nscert_type(&mut self, _nscert_type: &NSCertType)
Invoked for the “Name Constraints” extension (if present)
fn visit_extension_policy_constraints(
&mut self,
_constraints: &PolicyConstraints,
)
fn visit_extension_policy_constraints( &mut self, _constraints: &PolicyConstraints, )
Invoked for the “Policy Constraints” extension (if present)
fn visit_extension_policy_mappings(&mut self, _mappings: &PolicyMappings<'_>)
fn visit_extension_policy_mappings(&mut self, _mappings: &PolicyMappings<'_>)
Invoked for the “Policy Mappings” extension (if present)
fn visit_extension_extended_key_usage(&mut self, _usage: &ExtendedKeyUsage<'_>)
fn visit_extension_extended_key_usage(&mut self, _usage: &ExtendedKeyUsage<'_>)
Invoked for the “Extended Key Usage” extension (if present)
fn visit_extension_crl_distribution_points(
&mut self,
_crl: &CRLDistributionPoints<'_>,
)
fn visit_extension_crl_distribution_points( &mut self, _crl: &CRLDistributionPoints<'_>, )
Invoked for the “CRL Distribution Points” extension (if present)
fn visit_extension_inhibit_anypolicy(&mut self, _policy: &InhibitAnyPolicy)
fn visit_extension_inhibit_anypolicy(&mut self, _policy: &InhibitAnyPolicy)
Invoked for the “Inhibit anyPolicy” extension (if present)
Invoked for the “Authority Information Access” extension (if present)
fn visit_extension_sct(&mut self, _sct: &[SignedCertificateTimestamp<'_>])
fn visit_extension_sct(&mut self, _sct: &[SignedCertificateTimestamp<'_>])
Invoked for the “Signed Certificate Timestamp” (SCT) extension (if present)
fn visit_extension_unknown(&mut self, _ext: &X509Extension<'_>)
fn visit_extension_unknown(&mut self, _ext: &X509Extension<'_>)
Invoked for any other extension than the specific (recognized) types
This can happen for several reasons:
- the parser did not recognize the extension content
- the parser was explicitly asked to not parse extension content
- the extension could be correct (for ex in a CRL), but is not supposed to be part of a Certificate
fn visit_extension_parse_error(
&mut self,
_extension: &X509Extension<'_>,
_error: &Err<Error>,
)
fn visit_extension_parse_error( &mut self, _extension: &X509Extension<'_>, _error: &Err<Error>, )
Invoked for any extension than caused a parse error
Normally, this should not match anything except for invalid data. This could match any known extension malformed or wrongly encoded.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".