Struct holochain::prelude::kitsune_p2p::dependencies::kitsune_p2p_types::dependencies::rustls::client::WebPkiVerifier
pub struct WebPkiVerifier { /* private fields */ }
Expand description
Default ServerCertVerifier
, see the trait impl for more information.
Implementations
impl WebPkiVerifier
impl WebPkiVerifier
pub fn new(
roots: RootCertStore,
ct_policy: Option<CertificateTransparencyPolicy>
) -> WebPkiVerifier
pub fn new(
roots: RootCertStore,
ct_policy: Option<CertificateTransparencyPolicy>
) -> WebPkiVerifier
Constructs a new WebPkiVerifier
.
roots
is the set of trust anchors to trust for issuing server certs.
ct_logs
is the list of logs that are trusted for Certificate
Transparency. Currently CT log enforcement is opportunistic; see
https://github.com/rustls/rustls/issues/479.
pub fn verification_schemes() -> Vec<SignatureScheme, Global> ⓘ
pub fn verification_schemes() -> Vec<SignatureScheme, Global> ⓘ
Returns the signature verification methods supported by webpki.
Trait Implementations
impl ServerCertVerifier for WebPkiVerifier
impl ServerCertVerifier for WebPkiVerifier
fn verify_server_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
server_name: &ServerName,
scts: &mut dyn Iterator<Item = &[u8]>,
ocsp_response: &[u8],
now: SystemTime
) -> Result<ServerCertVerified, Error>
fn verify_server_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
server_name: &ServerName,
scts: &mut dyn Iterator<Item = &[u8]>,
ocsp_response: &[u8],
now: SystemTime
) -> Result<ServerCertVerified, Error>
Will verify the certificate is valid in the following ways:
- Signed by a trusted
RootCertStore
CA - Not Expired
- Valid for DNS entry
fn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
fn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
fn supported_verify_schemes(&self) -> Vec<SignatureScheme, Global> ⓘ
fn supported_verify_schemes(&self) -> Vec<SignatureScheme, Global> ⓘ
Return the list of SignatureSchemes that this verifier will handle,
in
verify_tls12_signature
and verify_tls13_signature
calls. Read morefn request_scts(&self) -> bool
fn request_scts(&self) -> bool
Returns
true
if Rustls should ask the server to send SCTs. Read moreAuto Trait Implementations
impl RefUnwindSafe for WebPkiVerifier
impl Send for WebPkiVerifier
impl Sync for WebPkiVerifier
impl Unpin for WebPkiVerifier
impl UnwindSafe for WebPkiVerifier
Blanket Implementations
impl<T> Any for Twhere
T: Any + ?Sized,
impl<T> Any for Twhere
T: Any + ?Sized,
fn type_id_compat(&self) -> TypeId
fn type_id_compat(&self) -> TypeId
TODO: once 1.33.0 is the minimum supported compiler version, remove
Any::type_id_compat and use StdAny::type_id instead.
https://github.com/rust-lang/rust/issues/27745 Read more
impl<T> ArchivePointee for T
impl<T> ArchivePointee for T
type ArchivedMetadata = ()
type ArchivedMetadata = ()
The archived version of the pointer metadata for this type.
fn pointer_metadata(
_: &<T as ArchivePointee>::ArchivedMetadata
) -> <T as Pointee>::Metadata
fn pointer_metadata(
_: &<T as ArchivePointee>::ArchivedMetadata
) -> <T as Pointee>::Metadata
Converts some archived metadata to the pointer metadata for itself.
sourceimpl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
impl<F, W, T, D> Deserialize<With<T, W>, D> for Fwhere
W: DeserializeWith<F, T, D>,
D: Fallible + ?Sized,
F: ?Sized,
impl<F, W, T, D> Deserialize<With<T, W>, D> for Fwhere
W: DeserializeWith<F, T, D>,
D: Fallible + ?Sized,
F: ?Sized,
fn deserialize(
&self,
deserializer: &mut D
) -> Result<With<T, W>, <D as Fallible>::Error>
fn deserialize(
&self,
deserializer: &mut D
) -> Result<With<T, W>, <D as Fallible>::Error>
Deserializes using the given deserializer
impl<T> FutureExt for T
impl<T> FutureExt for T
fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
fn with_context(self, otel_cx: Context) -> WithContext<Self> ⓘ
fn with_current_context(self) -> WithContext<Self> ⓘ
fn with_current_context(self) -> WithContext<Self> ⓘ
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
sourcefn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
sourcefn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
impl<T> Pointable for T
impl<T> Pointable for T
impl<SS, SP> SupersetOf<SS> for SPwhere
SS: SubsetOf<SP>,
impl<SS, SP> SupersetOf<SS> for SPwhere
SS: SubsetOf<SP>,
fn to_subset(&self) -> Option<SS>
fn to_subset(&self) -> Option<SS>
The inverse inclusion map: attempts to construct
self
from the equivalent element of its
superset. Read morefn is_in_subset(&self) -> bool
fn is_in_subset(&self) -> bool
Checks if
self
is actually part of its subset T
(and can be converted to it).fn to_subset_unchecked(&self) -> SS
fn to_subset_unchecked(&self) -> SS
Use with care! Same as
self.to_subset
but without any property checks. Always succeeds.fn from_subset(element: &SS) -> SP
fn from_subset(element: &SS) -> SP
The inclusion map: converts
self
to the equivalent element of its superset.impl<T> Upcastable for Twhere
T: 'static + Any + Send + Sync,
impl<T> Upcastable for Twhere
T: 'static + Any + Send + Sync,
fn upcast_any_ref(&self) -> &(dyn Any + 'static)
fn upcast_any_ref(&self) -> &(dyn Any + 'static)
upcast ref
fn upcast_any_mut(&mut self) -> &mut (dyn Any + 'static)
fn upcast_any_mut(&mut self) -> &mut (dyn Any + 'static)
upcast mut ref