Struct rustls::client::WebPkiVerifier
source · [−]pub struct WebPkiVerifier { /* private fields */ }
Expand description
Default ServerCertVerifier
, see the trait impl for more information.
Implementations
sourceimpl WebPkiVerifier
impl WebPkiVerifier
sourcepub fn new(
roots: RootCertStore,
ct_policy: Option<CertificateTransparencyPolicy>
) -> Self
pub fn new(
roots: RootCertStore,
ct_policy: Option<CertificateTransparencyPolicy>
) -> Self
Constructs a new WebPkiVerifier
.
roots
is the set of trust anchors to trust for issuing server certs.
ct_logs
is the list of logs that are trusted for Certificate
Transparency. Currently CT log enforcement is opportunistic; see
https://github.com/rustls/rustls/issues/479.
sourcepub fn verification_schemes() -> Vec<SignatureScheme>
pub fn verification_schemes() -> Vec<SignatureScheme>
Returns the signature verification methods supported by webpki.
Trait Implementations
sourceimpl ServerCertVerifier for WebPkiVerifier
impl ServerCertVerifier for WebPkiVerifier
sourcefn verify_server_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
server_name: &ServerName,
scts: &mut dyn Iterator<Item = &[u8]>,
ocsp_response: &[u8],
now: SystemTime
) -> Result<ServerCertVerified, Error>
fn verify_server_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
server_name: &ServerName,
scts: &mut dyn Iterator<Item = &[u8]>,
ocsp_response: &[u8],
now: SystemTime
) -> Result<ServerCertVerified, Error>
Will verify the certificate is valid in the following ways:
- Signed by a trusted
RootCertStore
CA - Not Expired
- Valid for DNS entry
sourcefn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
sourcefn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
sourcefn supported_verify_schemes(&self) -> Vec<SignatureScheme>
fn supported_verify_schemes(&self) -> Vec<SignatureScheme>
Return the list of SignatureSchemes that this verifier will handle,
in
verify_tls12_signature
and verify_tls13_signature
calls. Read moresourcefn request_scts(&self) -> bool
fn request_scts(&self) -> bool
Returns
true
if Rustls should ask the server to send SCTs. Read moreAuto Trait Implementations
impl RefUnwindSafe for WebPkiVerifier
impl Send for WebPkiVerifier
impl Sync for WebPkiVerifier
impl Unpin for WebPkiVerifier
impl UnwindSafe for WebPkiVerifier
Blanket Implementations
sourceimpl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more