Crate barebones_x509[−][src]
Expand description
A low-level X.509 parsing and certificate signature verification library.
barebones-x509 can verify the signatures of X.509 certificates, as well as certificates made by their private keys. It can also verify that a certificate is valid for the given time. However, it is (by design) very low-level: it does not know about any X.509 extensions, and does not parse distinguished names at all. It also provides no path-building facilities. As such, it is not intended for use with the web PKI; use webpki for that.
barebones-x509’s flexibiity is a double-edged sword: it allows it to be used in situations where webpki cannot be used, but it also makes it significantly more dangerous. As a general rule, barebones-x509 will accept any certificate that webpki will, but it will also accept certificates that webpki will reject. If you find a certificate that barebones-x509 rejects and webpki rejects, please report it as a bug.
barebones-x509 was developed for use with
libp2p, which uses certificates that webpki
cannot handle. Its bare-bones design ensures that it can handle almost any
conforming X.509 certificate, but it also means that the application is
responsible for ensuring that the certificate has valid X.509 extensions.
barebones-x509 cannot distinguish between a certificate valid for
mozilla.org
and one for evilmalware.com
! However, barebones-x509
does provide the hooks needed for higher-level libraries to be built on top
of it.
Like webpki, barebones-x509 is zero-copy and #![no_std]
friendly. If
built without the alloc
feature, barebones-x509 will not rely on features
of ring that require heap allocation, specifically RSA.
barebones-x509 should never panic on any input, regardless of its configuration options. If it does panic, it is considered a security vulnerability and will be fixed with the highest priority.
Features
barebones-x509
is highly configurable by means of compile-time options.
Code that is not used by most users is off by default and must be enabled by
means of a cargo feature. This reduces the attack surface of normal builds.
The following features are available:
legacy-certificates
: Allows parsing legacy v1 and v2 certificates. This is off by default.obsolete-unique-ids
: Allows parsing certificates containing the obsoletesubjectUniqueId
andissuerUniqueId
fields. This is off by default. ThesubjectUniqueId
andissuerUniqueId
fields available as theunique_id
field on theX509Certificate
struct. This feature is made available so thatbarebones-x509
can claim to be able to parse any valid X.509 certificate. If you do need to enable it, please e-mail me at demiobenour@gmail.com explaining the reason.
Structs
An ASN.1 timestamp.
A data-algorithm-signature structure
An iterator over X.509 extensions.
An iterator over X.509 sequences.
A PKIX SubjectPublicKeyInfo struct
A parsed (but not validated) X.509 version 3 certificate.
Enums
Errors that can be produced when parsing a certificate or validating a signature.
Restrictions on allowed signature algorithms
A signature scheme supported by this library
X509 certificate version
Constants
The largest timestamp that an ASN.1 GeneralizedTime can represent.
The smallest timestamp that an ASN.1 GeneralizedTime can represent.
Functions
We use our own version, instead of chrono, because:
Parse the ASN.1 DER-encoded algorithm identifier in asn1
into a
SignatureScheme
. This will fail if asn1
is not a known signature scheme.
Extracts the algorithm id and public key from a certificate
Convert an (hour, minute, second) tuple to a number of seconds since midnight or an error.