Struct x509_certificate::certificate::X509Certificate [−][src]
pub struct X509Certificate(_);
Provides an interface to the RFC 5280 rfc5280::Certificate ASN.1 type.
This type provides the main high-level API that this crate exposes for reading and writing X.509 certificates.
Instances are backed by an actual ASN.1 rfc5280::Certificate instance. Read operations are performed against the raw ASN.1 values. Mutations result in mutations of the ASN.1 data structures.
Instances can be converted to/from rfc5280::Certificate using traits. AsRef/AsMut are implemented to obtain a reference to the backing rfc5280::Certificate.
We have chosen not to implement Deref/DerefMut because we don’t want to pollute the type’s API with lower-level ASN.1 primitives.
This type does not track the original data from which it came. If you want a type that does that, consider CapturedX509Certificate, which implements Deref and therefore behaves like this type.
Implementations
impl X509Certificate
[src]
impl X509Certificate
[src]pub fn from_der(data: impl AsRef<[u8]>) -> Result<Self, Error>
[src]
pub fn from_der(data: impl AsRef<[u8]>) -> Result<Self, Error>
[src]Construct an instance by parsing DER encoded ASN.1 data.
pub fn from_ber(data: impl AsRef<[u8]>) -> Result<Self, Error>
[src]
pub fn from_ber(data: impl AsRef<[u8]>) -> Result<Self, Error>
[src]Construct an instance by parsing BER encoded ASN.1 data.
X.509 certificates are likely (and should be) using DER encoding. However, some specifications do mandate the use of BER, so this method is provided.
pub fn from_pem(data: impl AsRef<[u8]>) -> Result<Self, Error>
[src]
pub fn from_pem(data: impl AsRef<[u8]>) -> Result<Self, Error>
[src]Construct an instance by parsing PEM encoded ASN.1 data.
The data is a human readable string likely containing
--------- BEGIN CERTIFICATE ----------
.
pub fn from_pem_multiple(data: impl AsRef<[u8]>) -> Result<Vec<Self>, Error>
[src]
pub fn from_pem_multiple(data: impl AsRef<[u8]>) -> Result<Vec<Self>, Error>
[src]Construct instances by parsing PEM with potentially multiple records.
By default, we only look for --------- BEGIN CERTIFICATE --------
entries and silently ignore unknown ones. If you would like to specify
an alternate set of tags (this is the value after the BEGIN
) to search,
call Self::from_pem_multiple_tags.
pub fn from_pem_multiple_tags(
data: impl AsRef<[u8]>,
tags: &[&str]
) -> Result<Vec<Self>, Error>
[src]
pub fn from_pem_multiple_tags(
data: impl AsRef<[u8]>,
tags: &[&str]
) -> Result<Vec<Self>, Error>
[src]Construct instances by parsing PEM armored DER encoded certificates with specific PEM tags.
This is like Self::from_pem_multiple except you control the filter for
which BEGIN <tag>
values are filtered through to the DER parser.
pub fn serial_number_asn1(&self) -> &Integer
[src]
pub fn serial_number_asn1(&self) -> &Integer
[src]Obtain the serial number as the ASN.1 Integer type.
pub fn subject_name(&self) -> &Name
[src]
pub fn subject_name(&self) -> &Name
[src]Obtain the certificate’s subject, as its ASN.1 Name type.
pub fn subject_common_name(&self) -> Option<String>
[src]
pub fn subject_common_name(&self) -> Option<String>
[src]Obtain the Common Name (CN) attribute from the certificate’s subject, if set and decodable.
pub fn issuer_name(&self) -> &Name
[src]
pub fn issuer_name(&self) -> &Name
[src]Obtain the certificate’s issuer, as its ASN.1 Name type.
pub fn encode_der_to(&self, fh: &mut impl Write) -> Result<(), Error>
[src]
pub fn encode_der_to(&self, fh: &mut impl Write) -> Result<(), Error>
[src]Encode the certificate data structure using DER encoding.
(This is the common ASN.1 encoding format for X.509 certificates.)
This always serializes the internal ASN.1 data structure. If you call this on a wrapper type that has retained a copy of the original data, this may emit different data than that copy.
pub fn encode_ber_to(&self, fh: &mut impl Write) -> Result<(), Error>
[src]
pub fn encode_ber_to(&self, fh: &mut impl Write) -> Result<(), Error>
[src]Encode the certificate data structure use BER encoding.
pub fn encode_der(&self) -> Result<Vec<u8>, Error>
[src]
pub fn encode_der(&self) -> Result<Vec<u8>, Error>
[src]Encode the internal ASN.1 data structures to DER.
pub fn encode_ber(&self) -> Result<Vec<u8>, Error>
[src]
pub fn encode_ber(&self) -> Result<Vec<u8>, Error>
[src]Obtain the BER encoded representation of this certificate.
pub fn write_pem(&self, fh: &mut impl Write) -> Result<(), Error>
[src]
pub fn write_pem(&self, fh: &mut impl Write) -> Result<(), Error>
[src]Encode the certificate to PEM.
This will write a human-readable string with ------ BEGIN CERTIFICATE -------
armoring. This is a very common method for encoding certificates.
The underlying binary data is DER encoded.
pub fn encode_pem(&self) -> Result<String, Error>
[src]
pub fn encode_pem(&self) -> Result<String, Error>
[src]Encode the certificate to a PEM string.
pub fn key_algorithm(&self) -> Option<KeyAlgorithm>
[src]
pub fn key_algorithm(&self) -> Option<KeyAlgorithm>
[src]Attempt to resolve a known KeyAlgorithm used by the private key associated with this certificate.
If this crate isn’t aware of the OID associated with the key algorithm,
None
is returned.
pub fn key_algorithm_oid(&self) -> &Oid
[src]
pub fn key_algorithm_oid(&self) -> &Oid
[src]Obtain the OID of the private key’s algorithm.
pub fn signature_algorithm(&self) -> Option<SignatureAlgorithm>
[src]
pub fn signature_algorithm(&self) -> Option<SignatureAlgorithm>
[src]Obtain the SignatureAlgorithm used to sign this certificate.
Returns None if we failed to resolve an instance (probably because we don’t recognize that algorithm).
pub fn signature_algorithm_oid(&self) -> &Oid
[src]
pub fn signature_algorithm_oid(&self) -> &Oid
[src]Obtain the OID of the signature algorithm used to sign this certificate.
pub fn public_key_data(&self) -> Bytes
[src]
pub fn public_key_data(&self) -> Bytes
[src]Obtain the raw data constituting this certificate’s public key.
A copy of the data is returned.
pub fn compare_issuer(&self, other: &Self) -> Ordering
[src]
pub fn compare_issuer(&self, other: &Self) -> Ordering
[src]Compare 2 instances, sorting them so the issuer comes before the issued.
This function examines the Self::issuer_name and Self::subject_name fields of 2 certificates, attempting to sort them so the issuing certificate comes before the issued certificate.
This function performs a strict compare of the ASN.1 Name data. The assumption here is that the issuing certificate’s subject Name is identical to the issued’s issuer Name. This assumption is often true. But it likely isn’t always true, so this function may not produce reliable results.
pub fn subject_is_issuer(&self) -> bool
[src]
pub fn subject_is_issuer(&self) -> bool
[src]Trait Implementations
impl AsMut<Certificate> for X509Certificate
[src]
impl AsMut<Certificate> for X509Certificate
[src]fn as_mut(&mut self) -> &mut Certificate
[src]
fn as_mut(&mut self) -> &mut Certificate
[src]Performs the conversion.
impl AsRef<Certificate> for X509Certificate
[src]
impl AsRef<Certificate> for X509Certificate
[src]fn as_ref(&self) -> &Certificate
[src]
fn as_ref(&self) -> &Certificate
[src]Performs the conversion.
impl AsRef<X509Certificate> for CapturedX509Certificate
[src]
impl AsRef<X509Certificate> for CapturedX509Certificate
[src]fn as_ref(&self) -> &X509Certificate
[src]
fn as_ref(&self) -> &X509Certificate
[src]Performs the conversion.
impl Clone for X509Certificate
[src]
impl Clone for X509Certificate
[src]fn clone(&self) -> X509Certificate
[src]
fn clone(&self) -> X509Certificate
[src]Returns a copy of the value. Read more
fn clone_from(&mut self, source: &Self)
1.0.0[src]
fn clone_from(&mut self, source: &Self)
1.0.0[src]Performs copy-assignment from source
. Read more
impl Debug for X509Certificate
[src]
impl Debug for X509Certificate
[src]impl From<Certificate> for X509Certificate
[src]
impl From<Certificate> for X509Certificate
[src]fn from(v: Certificate) -> Self
[src]
fn from(v: Certificate) -> Self
[src]Performs the conversion.
impl From<X509Certificate> for Certificate
[src]
impl From<X509Certificate> for Certificate
[src]fn from(v: X509Certificate) -> Self
[src]
fn from(v: X509Certificate) -> Self
[src]Performs the conversion.
impl PartialEq<X509Certificate> for X509Certificate
[src]
impl PartialEq<X509Certificate> for X509Certificate
[src]fn eq(&self, other: &X509Certificate) -> bool
[src]
fn eq(&self, other: &X509Certificate) -> bool
[src]This method tests for self
and other
values to be equal, and is used
by ==
. Read more
fn ne(&self, other: &X509Certificate) -> bool
[src]
fn ne(&self, other: &X509Certificate) -> bool
[src]This method tests for !=
.
impl TryFrom<&'_ X509Certificate> for CapturedX509Certificate
[src]
impl TryFrom<&'_ X509Certificate> for CapturedX509Certificate
[src]impl Eq for X509Certificate
[src]
impl StructuralEq for X509Certificate
[src]
impl StructuralPartialEq for X509Certificate
[src]
Auto Trait Implementations
impl RefUnwindSafe for X509Certificate
impl Send for X509Certificate
impl Sync for X509Certificate
impl Unpin for X509Certificate
impl UnwindSafe for X509Certificate
Blanket Implementations
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]pub fn borrow_mut(&mut self) -> &mut T
[src]
pub fn borrow_mut(&mut self) -> &mut T
[src]Mutably borrows from an owned value. Read more
impl<T> ToOwned for T where
T: Clone,
[src]
impl<T> ToOwned for T where
T: Clone,
[src]type Owned = T
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
[src]
pub fn to_owned(&self) -> T
[src]Creates owned data from borrowed data, usually by cloning. Read more
pub fn clone_into(&self, target: &mut T)
[src]
pub fn clone_into(&self, target: &mut T)
[src]🔬 This is a nightly-only experimental API. (toowned_clone_into
)
recently added
Uses borrowed data to replace owned data, usually by cloning. Read more