Module cert_manager

Expand description

Certificate management and key revocation system.

This module provides a comprehensive certificate and key revocation infrastructure for managing trust relationships in the CHIE protocol. It includes:

Certificate issuance and lifecycle management
Certificate Revocation Lists (CRL)
Certificate chain validation
OCSP-like status checking
Time-based certificate expiration
Certificate renewal and rotation

§Example

use chie_crypto::cert_manager::*;
use chie_crypto::KeyPair;

// Create a certificate authority
let ca_keypair = KeyPair::generate();
let mut ca = CertificateAuthority::new(ca_keypair, "CHIE Root CA".to_string());

// Issue a certificate
let peer_keypair = KeyPair::generate();
let cert = ca.issue_certificate(
    peer_keypair.public_key(),
    "peer-001".to_string(),
    CertificateMetadata::default()
        .with_validity_days(365)
).unwrap();

// Verify the certificate
assert!(ca.verify_certificate(&cert).is_ok());

// Revoke the certificate
ca.revoke_certificate(&cert.serial_number, RevocationReason::KeyCompromise).unwrap();

// Check revocation status
assert!(ca.is_revoked(&cert.serial_number));

Structs§

Certificate: Digital certificate for peer identity.
CertificateAuthority: Certificate Authority for issuing and managing certificates.
CertificateMetadata: Certificate metadata and attributes.
CertificateRevocationList: Certificate Revocation List (CRL).
RevocationEntry: Certificate Revocation List entry.

Enums§

CertError: Errors that can occur in certificate management.
KeyUsage: Key usage flags for certificates.
RevocationReason: Reason for certificate revocation.

Type Aliases§

CertResult: Result type for certificate operations.

Module cert_manager

Module cert_manager Copy item path

§Example

Structs§

Enums§

Type Aliases§

Module cert_manager