pkix-aia 0.1.0

Authority Information Access (AIA) fetcher trait and types for pkix-chain (RFC 5280 §4.2.2.1)
Documentation
  • Coverage
  • 100%
    17 out of 17 items documented3 out of 6 items with examples
  • Size
  • Source code size: 60.16 kB This is the summed size of all the files inside the crates.io package for this release.
  • Documentation size: 576.01 kB This is the summed size of all files generated by rustdoc for all configured targets
  • Ø build duration
  • this release: 10s Average build duration of successful builds.
  • all releases: 10s Average build duration of successful builds in releases after 2024-10-23.
  • Links
  • MarkAtwood/crate-pkix
    0 0 1
  • crates.io
  • Dependencies
  • Versions
  • Owners
  • MarkAtwood

pkix-aia

Authority Information Access (AIA) fetcher trait and types for pkix-chain, per RFC 5280 §4.2.2.1.

AIA is the certificate extension that carries caIssuers URIs pointing at the certificate's issuer. Chain-build code can follow these URIs to fetch missing intermediate certificates when the caller-supplied chain is incomplete.

This crate ships the trait surface only:

  • AiaError — failure modes for fetcher implementations. #[non_exhaustive], Clone + Debug + PartialEq + Eq + Send + Sync, optional serde support.
  • AiaFetcher trait — synchronous &self fetch with Result<Vec<u8>, AiaError> return; default-impl batch_fetch for multi-URI batches.
  • NoAiaFetcher — zero-sized unit struct that always returns FetchingDisabled; designed to be the default A: AiaFetcher placeholder in pkix-chain::Verifier.

Real HTTP fetching lives in a separate adapter crate, pkix-aia-http, which is also planned (PKIX-zkjb.5).

Architectural placement

pkix-chain  ----+------>  pkix-aia          (trait + error + no-op default)
                |
                +------>  pkix-aia-http     (real HTTP fetcher adapter)

pkix-chain's Verifier struct holds an A: AiaFetcher generic parameter that defaults to NoAiaFetcher. Callers who do not need AIA fetching see no API change; callers who do can plug in any AiaFetcher implementation, including HTTP adapters shipped by separate crates or in-process caching wrappers.

no_std and feature flags

The default build is no_std + alloc. Enabling std unlocks the AiaError::IoFailure variant (whose kind: std::io::ErrorKind field requires std::io) and the std::error::Error impl. Enabling serde derives Serialize / Deserialize on AiaError; with std + serde together, the IoFailure variant round-trips its kind field through a stable string label.

Status

Initial release: AiaError + AiaFetcher trait + NoAiaFetcher default. The remaining work under the PKIX-zkjb epic integrates the trait into pkix-chain::Verifier and ships the HTTP transport adapter (pkix-aia-http).

License

Apache-2.0 OR MIT