Trait webpki::CertRevocationList

source ·

pub trait CertRevocationList: Sealed {
    // Required methods
    fn issuer(&self) -> &[u8] ⓘ;
    fn find_serial(
        &self,
        serial: &[u8]
    ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>;
    fn verify_signature(
        &self,
        supported_sig_algs: &[&SignatureAlgorithm],
        issuer_spki: &[u8]
    ) -> Result<(), Error>;
}

Expand description

Operations over a RFC 5280¹ profile Certificate Revocation List (CRL) required for revocation checking. Implemented by OwnedCertRevocationList and BorrowedCertRevocationList.

https://www.rfc-editor.org/rfc/rfc5280#section-5 ↩

Required Methods§

source

fn issuer(&self) -> &[u8] ⓘ

Return the DER encoded issuer of the CRL.

source

fn find_serial( &self, serial: &[u8] ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>

Try to find a revoked certificate in the CRL by DER encoded serial number. This may yield an error if the CRL has malformed revoked certificates.

source

fn verify_signature( &self, supported_sig_algs: &[&SignatureAlgorithm], issuer_spki: &[u8] ) -> Result<(), Error>

Verify the CRL signature using the issuer’s subject public key information (SPKI) and a list of supported signature algorithms.

Trait webpki::CertRevocationList

Required Methods§

fn issuer(&self) -> &[u8] ⓘ

fn find_serial( &self, serial: &[u8] ) -> Result<Option<BorrowedRevokedCert<'_>>, Error>

fn verify_signature( &self, supported_sig_algs: &[&SignatureAlgorithm], issuer_spki: &[u8] ) -> Result<(), Error>

Implementors§

impl CertRevocationList for BorrowedCertRevocationList<'_>

impl CertRevocationList for OwnedCertRevocationList