Expand description
Things that are only useful if you are doing your own API calling.
Note that the RFC calls inclusion proof “audit proof”.
Modules§
- leaf_
hash_ constructors - Turn some raw leaf data into leaf hash.
- openssl_
ffi - Because
opensslcrate is incomplete.
Structs§
- Consistency
Proof Part - A subtree hash provided by the server in a consistency proof.
- Fetch
Inclusion Proof Result - Leaf
- A parsed leaf.
Functions§
- check_
consistency_ proof - Fetch the consistency proof from prev_size to next_size from the server and
verifies it, returning a
Vec<ConsistencyProofPart>if successful, which can later be used to verify the integrity of certificates downloaded from the server later. AnErr(...)is returned if the proof is invalid, or some network error happened during the request. - check_
inclusion_ proof - Fetch the required inclusion proof from the server and see if it convinces us that
leaf_hashis in the tree with hashtree_hashand sizetree_size. On success, return the index number of the leaf corresponding with the hash. - check_
tree_ head - Check, verify and return the latest tree head from the CT log at
base_url. - consistency_
proof_ parts - Function used by
verify_consistency_proofto construct a consistency proof client side (which is used to check against the server proof) - fetch_
inclusion_ proof - get_
entries - Request leaf entries from the CT log. Does not verify if these entries are consistent with the tree or anything like that. Returns an iterator over the leaves.
- get_
json - Perform a GET request and parse the result as a JSON.
- hash_
inclusion_ proof - Attempt to derive the root hash from the server provided inclusion proof and our calculated proof_parts.
- inclusion_
proof_ parts - Returns an array of
Range<u64>s. Each x..y denotes that this part of the proof should be the hash of the subtree formed by leafs with number [x, y). - new_
http_ client - Construct a new
reqwest::Clientto be used with the functions in this module. You don’t necessary need to use this. - verify_
consistency_ proof - Verify that the consistency proof given by
server_provided_proofgets us fromperv_roottonext_root, returning anOk(Vec<ConsistencyProofPart>)if the proof checks, otherwise aErr(String)describing why the proof is invalid. - verify_
dss - Verifies a TLS digitally-signed struct (see the TLS RFC for more info.)
- verify_
dss_ raw - Verifies a raw, ASN.1 encoded signature.