Struct holochain::prelude::kitsune_p2p::dependencies::kitsune_p2p_types::dependencies::rustls::client::WebPkiVerifier
pub struct WebPkiVerifier { /* private fields */ }
Expand description
Default ServerCertVerifier
, see the trait impl for more information.
Implementations§
§impl WebPkiVerifier
impl WebPkiVerifier
pub fn new(
roots: RootCertStore,
ct_policy: Option<CertificateTransparencyPolicy>
) -> WebPkiVerifier
pub fn new( roots: RootCertStore, ct_policy: Option<CertificateTransparencyPolicy> ) -> WebPkiVerifier
Constructs a new WebPkiVerifier
.
roots
is the set of trust anchors to trust for issuing server certs.
ct_logs
is the list of logs that are trusted for Certificate
Transparency. Currently CT log enforcement is opportunistic; see
https://github.com/rustls/rustls/issues/479.
pub fn verification_schemes() -> Vec<SignatureScheme, Global>
pub fn verification_schemes() -> Vec<SignatureScheme, Global>
Returns the signature verification methods supported by webpki.
Trait Implementations§
§impl ServerCertVerifier for WebPkiVerifier
impl ServerCertVerifier for WebPkiVerifier
§fn verify_server_cert(
&self,
end_entity: &Certificate,
intermediates: &[Certificate],
server_name: &ServerName,
scts: &mut dyn Iterator<Item = &[u8]>,
ocsp_response: &[u8],
now: SystemTime
) -> Result<ServerCertVerified, Error>
fn verify_server_cert( &self, end_entity: &Certificate, intermediates: &[Certificate], server_name: &ServerName, scts: &mut dyn Iterator<Item = &[u8]>, ocsp_response: &[u8], now: SystemTime ) -> Result<ServerCertVerified, Error>
Will verify the certificate is valid in the following ways:
- Signed by a trusted
RootCertStore
CA - Not Expired
- Valid for DNS entry
§fn verify_tls12_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls12_signature( &self, message: &[u8], cert: &Certificate, dss: &DigitallySignedStruct ) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
§fn verify_tls13_signature(
&self,
message: &[u8],
cert: &Certificate,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls13_signature( &self, message: &[u8], cert: &Certificate, dss: &DigitallySignedStruct ) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
§fn supported_verify_schemes(&self) -> Vec<SignatureScheme, Global>
fn supported_verify_schemes(&self) -> Vec<SignatureScheme, Global>
Return the list of SignatureSchemes that this verifier will handle,
in
verify_tls12_signature
and verify_tls13_signature
calls. Read more§fn request_scts(&self) -> bool
fn request_scts(&self) -> bool
Returns
true
if Rustls should ask the server to send SCTs. Read moreAuto Trait Implementations§
impl RefUnwindSafe for WebPkiVerifier
impl Send for WebPkiVerifier
impl Sync for WebPkiVerifier
impl Unpin for WebPkiVerifier
impl UnwindSafe for WebPkiVerifier
Blanket Implementations§
§impl<T> ArchivePointee for T
impl<T> ArchivePointee for T
§type ArchivedMetadata = ()
type ArchivedMetadata = ()
The archived version of the pointer metadata for this type.
§fn pointer_metadata(
_: &<T as ArchivePointee>::ArchivedMetadata
) -> <T as Pointee>::Metadata
fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata ) -> <T as Pointee>::Metadata
Converts some archived metadata to the pointer metadata for itself.
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
§impl<F, W, T, D> Deserialize<With<T, W>, D> for Fwhere
W: DeserializeWith<F, T, D>,
D: Fallible + ?Sized,
F: ?Sized,
impl<F, W, T, D> Deserialize<With<T, W>, D> for Fwhere W: DeserializeWith<F, T, D>, D: Fallible + ?Sized, F: ?Sized,
§fn deserialize(
&self,
deserializer: &mut D
) -> Result<With<T, W>, <D as Fallible>::Error>
fn deserialize( &self, deserializer: &mut D ) -> Result<With<T, W>, <D as Fallible>::Error>
Deserializes using the given deserializer
source§impl<T> Instrument for T
impl<T> Instrument for T
source§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
source§fn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
source§impl<T> Instrument for T
impl<T> Instrument for T
source§fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
fn instrument(self, span: Span) -> Instrumented<Self> ⓘ
source§fn in_current_span(self) -> Instrumented<Self> ⓘ
fn in_current_span(self) -> Instrumented<Self> ⓘ
§impl<T> Pointable for T
impl<T> Pointable for T
§impl<SS, SP> SupersetOf<SS> for SPwhere
SS: SubsetOf<SP>,
impl<SS, SP> SupersetOf<SS> for SPwhere SS: SubsetOf<SP>,
§fn to_subset(&self) -> Option<SS>
fn to_subset(&self) -> Option<SS>
The inverse inclusion map: attempts to construct
self
from the equivalent element of its
superset. Read more§fn is_in_subset(&self) -> bool
fn is_in_subset(&self) -> bool
Checks if
self
is actually part of its subset T
(and can be converted to it).§fn to_subset_unchecked(&self) -> SS
fn to_subset_unchecked(&self) -> SS
Use with care! Same as
self.to_subset
but without any property checks. Always succeeds.§fn from_subset(element: &SS) -> SP
fn from_subset(element: &SS) -> SP
The inclusion map: converts
self
to the equivalent element of its superset.§impl<T> Upcastable for Twhere
T: Any + Send + Sync + 'static,
impl<T> Upcastable for Twhere T: Any + Send + Sync + 'static,
§fn upcast_any_ref(&self) -> &(dyn Any + 'static)
fn upcast_any_ref(&self) -> &(dyn Any + 'static)
upcast ref
§fn upcast_any_mut(&mut self) -> &mut (dyn Any + 'static)
fn upcast_any_mut(&mut self) -> &mut (dyn Any + 'static)
upcast mut ref