Struct bearssl::br_x509_class_

#[repr(C)]
pub struct br_x509_class_ {
    pub context_size: usize,
    pub start_chain: Option<unsafe extern "C" fn(_: *mut *const br_x509_class, _: *const c_char)>,
    pub start_cert: Option<unsafe extern "C" fn(_: *mut *const br_x509_class, _: u32)>,
    pub append: Option<unsafe extern "C" fn(_: *mut *const br_x509_class, _: *const c_uchar, _: usize)>,
    pub end_cert: Option<unsafe extern "C" fn(_: *mut *const br_x509_class)>,
    pub end_chain: Option<unsafe extern "C" fn(_: *mut *const br_x509_class) -> c_uint>,
    pub get_pkey: Option<unsafe extern "C" fn(_: *const *const br_x509_class, _: *mut c_uint) -> *const br_x509_pkey>,
}

Fields

context_size

X.509 context size, in bytes.

start_chain

Start a new chain.

This method shall set the vtable (first field) of the context structure.

The server_name, if not NULL, will be considered as a fully qualified domain name, to be matched against the dNSName elements of the end-entity certificate's SAN extension (if there is no SAN, then the Common Name from the subjectDN will be used). If server_name is NULL then no such matching is performed.

Parameters:
ctx: validation context.
server_name: server name to match (or NULL).

start_cert

Start a new certificate.

Parameters:
ctx: validation context.
length: new certificate length (in bytes).

append

Receive some bytes for the current certificate.

This function may be called several times in succession for a given certificate. The caller guarantees that for each call, len is not zero, and the sum of all chunk lengths for a certificate matches the total certificate length which was provided in the previous start_cert() call.

If the new certificate is empty (no byte at all) then this function won't be called at all.

Parameters:
ctx: validation context.
buf: certificate data chunk.
len: certificate data chunk length (in bytes).

end_cert

Finish the current certificate.

This function is called when the end of the current certificate is reached.

Parameters:
ctx: validation context.

end_chain

Finish the chain.

This function is called at the end of the chain. It shall return either 0 if the validation was successful, or a non-zero error code. The BR_ERR_X509_* constants are error codes, though other values may be possible.

Parameters:
ctx: validation context.

Returns: 0 on success, or a non-zero error code.

get_pkey

Get the resulting end-entity public key.

The decoded public key is returned. The returned pointer may be valid only as long as the context structure is unmodified, i.e. it may cease to be valid if the context is released or reused.

This function may return NULL if the validation failed. However, returning a public key does not mean that the validation was wholly successful; some engines may return a decoded public key even if the chain did not end on a trusted anchor.

If validation succeeded and usage is not NULL, then *usage is filled with a combination of BR_KEYTYPE_SIGN and/or BR_KEYTYPE_KEYX that specifies the validated key usage types. It is the caller's responsibility to check that value against the intended use of the public key.

Parameters:
ctx: validation context.

Returns: the end-entity public key, or NULL.
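The call order and the caller-side checks described in the field documentation above, as an added example (not code from the bearssl crate or from BearSSL). `X509Class` and `Pkey` are local stand-ins for `br_x509_class_` and `br_x509_pkey` so the block builds without the crate; `validate` and `ChainError` are hypothetical names, and the context's first field is assumed to already point at its vtable.

```rust
use std::os::raw::{c_char, c_uchar, c_uint};

// Local stand-ins for br_x509_pkey and br_x509_class_ (same field order).
#[repr(C)]
pub struct Pkey { _opaque: [u8; 0] }
#[repr(C)]
pub struct X509Class {
    pub context_size: usize,
    pub start_chain: Option<unsafe extern "C" fn(*mut *const X509Class, *const c_char)>,
    pub start_cert: Option<unsafe extern "C" fn(*mut *const X509Class, u32)>,
    pub append: Option<unsafe extern "C" fn(*mut *const X509Class, *const c_uchar, usize)>,
    pub end_cert: Option<unsafe extern "C" fn(*mut *const X509Class)>,
    pub end_chain: Option<unsafe extern "C" fn(*mut *const X509Class) -> c_uint>,
    pub get_pkey: Option<unsafe extern "C" fn(*const *const X509Class, *mut c_uint) -> *const Pkey>,
}
pub const KEYX: c_uint = 0x10; // BR_KEYTYPE_KEYX in bearssl_x509.h
pub const SIGN: c_uint = 0x20; // BR_KEYTYPE_SIGN in bearssl_x509.h

#[derive(Debug, PartialEq)]
pub enum ChainError { MissingMethod, Engine(c_uint), NoKey, WrongUsage(c_uint) }

/// Feeds `chain` to the engine behind `ctx` in the documented order, then
/// applies the checks the documentation leaves to the caller.
/// Safety: `ctx` must point to a live context whose first field is its vtable.
pub unsafe fn validate(ctx: *mut *const X509Class, server_name: *const c_char,
                       chain: &[&[u8]], chunk: usize, need: c_uint)
                       -> Result<*const Pkey, ChainError> {
    let vt = &**ctx;
    let (start_chain, start_cert, append, end_cert, end_chain, get_pkey) = match (
        vt.start_chain, vt.start_cert, vt.append, vt.end_cert, vt.end_chain, vt.get_pkey,
    ) {
        (Some(a), Some(b), Some(c), Some(d), Some(e), Some(f)) => (a, b, c, d, e, f),
        _ => return Err(ChainError::MissingMethod), // never call through a NULL slot
    };
    start_chain(ctx, server_name);
    for cert in chain {
        start_cert(ctx, cert.len() as u32);
        // chunks() never yields an empty slice and yields nothing for an empty
        // certificate, so append() is only ever called with len > 0.
        for part in cert.chunks(chunk.max(1)) { append(ctx, part.as_ptr(), part.len()); }
        end_cert(ctx);
    }
    let err = end_chain(ctx);
    if err != 0 { return Err(ChainError::Engine(err)); } // a key may still exist; reject anyway
    let mut usage: c_uint = 0;
    let key = get_pkey(ctx as *const *const X509Class, &mut usage);
    if key.is_null() { return Err(ChainError::NoKey); }
    if usage & need != need { return Err(ChainError::WrongUsage(usage)); }
    Ok(key)
}
```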

Trait Implementations

impl Debug for br_x509_class_

Formats the value using the given formatter.

impl Copy for br_x509_class_

impl Clone for br_x509_class_

Returns a copy of the value.


Performs copy-assignment from source.