1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
//! Certificate-related types
pub use x509_cert as x509;
use core::cmp::Ordering;
use der::{asn1::ObjectIdentifier, Any, Choice, Sequence, ValueOrd};
use x509_cert::name::Name;
use x509_cert::serial_number::SerialNumber;
use x509_cert::Certificate;
/// The `CertificateChoices` type is defined in [RFC 5652 Section 10.2.2]. Attribute certificate
/// support is not presently implemented.
///
/// ```text
/// CertificateChoices ::= CHOICE {
/// certificate Certificate,
/// extendedCertificate [0] IMPLICIT ExtendedCertificate,
/// -- Obsolete
/// ...,
/// -- [[3: v1AttrCert [1] IMPLICIT AttributeCertificateV1]],
/// -- Obsolete
/// -- [[4: v2AttrCert [2] IMPLICIT AttributeCertificateV2]],
/// [[5: other [3] IMPLICIT OtherCertificateFormat]] }
/// ```
///
/// [RFC 5652 Section 10.2.2]: https://www.rfc-editor.org/rfc/rfc5652#section-10.2.2
#[derive(Clone, Debug, Eq, PartialEq, Choice)]
#[allow(missing_docs)]
#[allow(clippy::large_enum_variant)]
pub enum CertificateChoices {
Certificate(Certificate),
#[asn1(context_specific = "3", tag_mode = "EXPLICIT", constructed = "true")]
Other(OtherCertificateFormat),
// TODO DEFER add more choices if desired (i.e., AttributeCertificateV2)
}
// TODO DEFER ValueOrd is not supported for CHOICE types (see new_enum in value_ord.rs)
impl ValueOrd for CertificateChoices {
fn value_cmp(&self, other: &Self) -> der::Result<Ordering> {
use der::DerOrd;
use der::Encode;
self.to_der()?.der_cmp(&other.to_der()?)
}
}
// TODO DEFER implement support for attribute certs if desired
// AttributeCertificateV2 ::= AttributeCertificate
/// The `OtherCertificateFormat` type is defined in [RFC 5652 Section 10.2.2].
///
/// ```text
/// OtherCertificateFormat ::= SEQUENCE {
/// otherCertFormat OTHER-CERT-FMT.
/// &id({SupportedCertFormats}),
/// otherCert OTHER-CERT-FMT.
/// &Type({SupportedCertFormats}{@otherCertFormat})}
/// ```
///
/// [RFC 5652 Section 10.2.2]: https://www.rfc-editor.org/rfc/rfc5652#section-10.2.2
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
#[allow(missing_docs)]
pub struct OtherCertificateFormat {
pub other_cert_format: ObjectIdentifier,
pub other_cert: Any,
}
/// IssuerAndSerialNumber structure as defined in [RFC 5652 Section 10.2.4].
///
/// ```text
/// IssuerAndSerialNumber ::= SEQUENCE {
/// issuer Name,
/// serialNumber CertificateSerialNumber }
/// ```
///
/// [RFC 5652 Section 10.2.4]: https://datatracker.ietf.org/doc/html/rfc5652#section-10.2.4
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
#[allow(missing_docs)]
pub struct IssuerAndSerialNumber {
pub issuer: Name,
pub serial_number: SerialNumber,
}