Expand description
§Attestation Validator
Validates attestation certificate chains and inspects attestation certificates.
Install it via cargo:
cargo install --locked attestation-validatorValidate and inspect the attestation certificate:
attestation-validator yubihsm2-attest-ca-crt-pem intermediate-pem attestation-cert.cer attestation-pemEach filename represents the next link in the chain. The entire chain is validated and the last certificate’s extensions are printed.
Using validator as a library:
use std::fs::File;
let mut validator = attestation_validator::Validator::default();
validator.add_from_pem(File::open("yubihsm2-attest-ca-crt-pem")?)?;
validator.add_from_pem(File::open("intermediate-pem")?)?;
let binding = std::fs::read("attestation-cert.cer")?;
validator.add_from_der(binding)?;
validator.add_from_pem(File::open("attestation-pem")?)?;
eprintln!(
"Extensions: {:#?}",
validator.leaf_extensions()?.to_yubihsm_attestation()
);§License
This project is licensed under either of:
at your option.
§Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this crate by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Structs§
- Extensions
- Represents certificate extensions.
- Validator
- Attestation validator.
- Yubi
HsmAttestation - YubiHSM specific attestation values.
Enums§
- Error
- Error when parsing artifacts or performing validation.
Type Aliases§
- Result
- Library-specific result type.