var searchIndex = {};
searchIndex["webpki"] = {"doc":"webpki: Web PKI X.509 Certificate Validation.","items":[[3,"SignatureAlgorithm","webpki","A signature algorithm.",null,null],[3,"EndEntityCert","","An end-entity certificate.",null,null],[3,"TrustAnchor","","A trust anchor (a.k.a. root CA).",null,null],[12,"subject","","The value of the `subject` field of the trust anchor.",0,null],[12,"spki","","The value of the `subjectPublicKeyInfo` field of the trust anchor.",0,null],[12,"name_constraints","","The value of a DER-encoded NameConstraints, containing name\nconstraints to apply to the trust anchor, if any.",0,null],[4,"Error","","An error that occurs during certificate validation or name validation.",null,null],[13,"BadDER","","The encoding of some ASN.1 DER-encoded item is invalid.",1,null],[13,"BadDERTime","","The encoding of an ASN.1 DER-encoded time is invalid.",1,null],[13,"CAUsedAsEndEntity","","A CA certificate is veing used as an end-entity certificate.",1,null],[13,"CertExpired","","The certificate is expired; i.e. the time it is being validated for is\nlater than the certificate's notAfter time.",1,null],[13,"CertNotValidForName","","The certificate is not valid for the name it is being validated for.",1,null],[13,"CertNotValidYet","","The certificate is not valid yet; i.e. the time it is being validated\nfor is earlier than the certificate's notBefore time.",1,null],[13,"EndEntityUsedAsCA","","An end-entity certificate is being used as a CA certificate.",1,null],[13,"ExtensionValueInvalid","","An X.509 extension is invalid.",1,null],[13,"InvalidCertValidity","","The certificate validity period (notBefore, notAfter) is invalid; e.g.\nthe notAfter time is earlier than the notBefore time.",1,null],[13,"InvalidReferenceName","","The name that a certificate is being validated for is malformed. This\nis not a problem with the certificate, but with the name it is being\nvalidated for.",1,null],[13,"InvalidSignatureForPublicKey","","The signature is invalid for the given public key.",1,null],[13,"NameConstraintViolation","","The certificate violates one or more name constraints.",1,null],[13,"PathLenConstraintViolated","","The certificate violates one or more path length constraints.",1,null],[13,"SignatureAlgorithmMismatch","","The algorithm in the TBSCertificate "signature" field of a certificate\ndoes not match the algorithm in the signature of the certificate.",1,null],[13,"RequiredEKUNotFound","","The certificate is not valid for the Extended Key Usage for which it is\nbeing validated.",1,null],[13,"UnknownIssuer","","A valid issuer for the certificate could not be found.",1,null],[13,"UnsupportedCertVersion","","The certificate is not a v3 X.509 certificate.",1,null],[13,"UnsupportedCriticalExtension","","The certificate contains an unsupported critical extension.",1,null],[13,"UnsupportedSignatureAlgorithmForPublicKey","","The signature's algorithm does not match the algorithm of the public\nkey it is being validated for.",1,null],[13,"UnsupportedSignatureAlgorithm","","The signature algorithm for a signature is not in the set of supported\nsignature algorithms given.",1,null],[0,"trust_anchor_util","","Utilities for efficiently embedding trust anchors in programs.",null,null],[5,"cert_der_as_trust_anchor","webpki::trust_anchor_util","Interprets the given DER-encoded certificate as a `TrustAnchor`. The\ncertificate is not validated. In particular, there is no check that the\ncertificate is self-signed or even that the certificate has the cA basic\nconstraint.",null,{"inputs":[{"name":"input"}],"output":{"name":"result"}}],[5,"generate_code_for_trust_anchors","","Generates code for hard-coding the given trust anchors into a program. This\nis designed to be used in a build script. `name` is the name of the public\nstatic variable that will contain the TrustAnchor array.",null,null],[7,"ECDSA_P256_SHA1","webpki","ECDSA signatures using the P-256 curve and SHA-1. Deprecated.",null,null],[7,"ECDSA_P256_SHA256","","ECDSA signatures using the P-256 curve and SHA-256.",null,null],[7,"ECDSA_P256_SHA384","","ECDSA signatures using the P-256 curve and SHA-384. Deprecated.",null,null],[7,"ECDSA_P256_SHA512","","ECDSA signatures using the P-256 curve and SHA-512. Deprecated.",null,null],[7,"ECDSA_P384_SHA1","","ECDSA signatures using the P-384 curve and SHA-1. Deprecated.",null,null],[7,"ECDSA_P384_SHA256","","ECDSA signatures using the P-384 curve and SHA-256. Deprecated.",null,null],[7,"ECDSA_P384_SHA384","","ECDSA signatures using the P-384 curve and SHA-384.",null,null],[7,"ECDSA_P384_SHA512","","ECDSA signatures using the P-384 curve and SHA-512. Deprecated.",null,null],[7,"RSA_PKCS1_2048_8192_SHA1","","RSA PKCS#1 1.5 signatures using SHA-1 for keys of 2048-8192 bits.\nDeprecated.",null,null],[7,"RSA_PKCS1_2048_8192_SHA256","","RSA PKCS#1 1.5 signatures using SHA-256 for keys of 2048-8192 bits.",null,null],[7,"RSA_PKCS1_2048_8192_SHA384","","RSA PKCS#1 1.5 signatures using SHA-384 for keys of 2048-8192 bits.",null,null],[7,"RSA_PKCS1_2048_8192_SHA512","","RSA PKCS#1 1.5 signatures using SHA-512 for keys of 2048-8192 bits.",null,null],[7,"RSA_PKCS1_3072_8192_SHA384","","RSA PKCS#1 1.5 signatures using SHA-384 for keys of 3072-8192 bits.",null,null],[11,"from","","Parse the ASN.1 DER-encoded X.509 encoding of the certificate\n`cert_der`.",2,{"inputs":[{"name":"input"}],"output":{"name":"result"}}],[11,"verify_is_valid_tls_server_cert","","Verifies that the end-entity certificate is valid for use by a TLS\nserver.",2,null],[11,"verify_is_valid_for_dns_name","","Verifies that the certificate is valid for the given DNS host name.",2,null],[11,"verify_signature","","Verifies the signature `signature` of message `msg` using the\ncertificate's public key.",2,null],[11,"eq","","",1,null],[11,"fmt","","",1,null],[11,"clone","","",1,null],[11,"fmt","","",0,null]],"paths":[[3,"TrustAnchor"],[4,"Error"],[3,"EndEntityCert"]]};
initSearch(searchIndex);