Skip to main content

Crate noxtls_x509

Crate noxtls_x509 

Source
Expand description

X.509 certificate parsing, minimal issuance helpers, PEM/DER bridging, and chain validation for NoxTLS.

The crate re-exports a flat API from the crate root: Certificate parsing, RSA/EC/X25519/X448 key material helpers, optional strict chain validation, and small DER writers used by tests and tooling.

Structs§

Certificate
Captures parsed certificate fields needed for PKI and TLS flows.
DerNode
Represents a parsed DER TLV node body with its ASN.1 tag.
Pkcs8PrivateKeyInfoDerParts
Holds PKCS#8 PrivateKeyInfo fields for algorithm dispatch and key extraction.
RsaPrivateKeyDerParts
Holds core PKCS#1 RSA private-key fields needed by current consumers.
RsaPublicKeyDerParts
Holds PKCS#1 RSA public-key modulus/exponent fields.
SpkiPublicKeyInfoDerParts
Holds SPKI fields for algorithm dispatch and key extraction.
ValidationOptions
Controls optional policy and revocation-related path validation requirements.
ValidationReport
Summarizes key properties of a validated certificate chain.

Enums§

ValidationError
Describes why certificate path validation failed.

Functions§

certificate_chain_pem_to_der_blocks
Parses all PEM CERTIFICATE blocks into DER bytes.
certificate_der_to_pem
Converts certificate DER bytes into PEM CERTIFICATE armor.
certificate_matches_hostname
Matches hostname against certificate DNS identities.
certificate_pem_to_der
Parses one PEM CERTIFICATE block into DER bytes.
der_to_file
Writes raw DER bytes to a file path.
der_to_pem
Converts DER bytes into PEM armor with caller-provided label.
der_to_pem_file
Encodes DER as PEM and writes it to a file path.
ec_private_key_der_to_pem_sec1
Converts SEC1 EC private-key DER bytes into PEM armor.
ec_private_key_pem_to_der_sec1
Parses one PEM SEC1 EC private-key block into DER bytes.
ed25519_private_key_from_pem_file_pkcs8
Reads one PKCS#8 PRIVATE KEY PEM file and parses it as Ed25519PrivateKey.
ed25519_private_key_from_pem_pkcs8
Builds Ed25519PrivateKey from PEM PKCS#8 PRIVATE KEY text.
ed25519_private_key_from_pkcs8_der
Builds Ed25519PrivateKey from PKCS#8 DER bytes for RFC 8410 Ed25519 keys.
ed25519_private_key_to_pem_file_pkcs8
Encodes Ed25519PrivateKey as PKCS#8 PEM and writes it to a file.
ed25519_private_key_to_pem_pkcs8
Serializes Ed25519PrivateKey into PEM PKCS#8 PRIVATE KEY.
ed25519_private_key_to_pkcs8_der
Serializes Ed25519PrivateKey into PKCS#8 DER (id-Ed25519).
ed25519_public_key_from_pem_spki
Builds Ed25519PublicKey from PEM SPKI PUBLIC KEY text.
ed25519_public_key_from_spki_der
Builds Ed25519PublicKey from DER SPKI bytes for RFC 8410 Ed25519 keys.
ed25519_public_key_to_pem_spki
Serializes Ed25519PublicKey into PEM SPKI PUBLIC KEY.
ed25519_public_key_to_spki_der
Serializes Ed25519PublicKey into SPKI DER (RFC 8410 id-Ed25519).
mldsa_public_key_from_spki_der
Builds MlDsaPublicKey from DER SPKI bytes for experimental ML-DSA keys.
p256_private_key_from_pem_file_pkcs8
Reads one PKCS#8 PRIVATE KEY PEM file and parses it as P256PrivateKey.
p256_private_key_from_pem_pkcs8
Builds P256PrivateKey from PEM PKCS#8 PRIVATE KEY text.
p256_private_key_from_pem_sec1
Builds P256PrivateKey from PEM SEC1 EC PRIVATE KEY text.
p256_private_key_from_pkcs8_der
Builds P256PrivateKey from PKCS#8 DER bytes for id-ecPublicKey + prime256v1.
p256_private_key_from_sec1_der
Builds P256PrivateKey from SEC1 ECPrivateKey DER bytes.
p256_private_key_to_pem_file_pkcs8
Encodes P256PrivateKey as PKCS#8 PEM and writes it to a file.
p256_private_key_to_pem_pkcs8
Serializes P256PrivateKey into PEM PKCS#8 PRIVATE KEY.
p256_private_key_to_pkcs8_der
Serializes P256PrivateKey into PKCS#8 DER (id-ecPublicKey + prime256v1).
p256_public_key_from_pem_spki
Builds P256PublicKey from PEM SPKI PUBLIC KEY text.
p256_public_key_from_spki_der
Builds P256PublicKey from DER SPKI bytes for id-ecPublicKey + prime256v1.
p256_public_key_to_pem_spki
Serializes P256PublicKey into PEM SPKI PUBLIC KEY.
p256_public_key_to_spki_der
Serializes P256PublicKey into SPKI DER (id-ecPublicKey + prime256v1).
parse_certificate
Parses a top-level DER certificate sequence and extracts core fields.
parse_der_length
Parses DER length octets and returns (content_length, length_octet_count).
parse_der_node
Parses one DER node from input and returns the node plus remaining bytes.
parse_ecdsa_signature_der
Parses DER-encoded ECDSA signature SEQUENCE { INTEGER r; INTEGER s } into 32-byte scalars.
parse_pkcs1_rsa_private_key_der
Parses PKCS#1 RSAPrivateKey DER and returns key field parts.
parse_pkcs1_rsa_public_key_der
Parses PKCS#1 RSAPublicKey DER and returns modulus/exponent fields.
parse_pkcs8_private_key_info_der
Parses PKCS#8 PrivateKeyInfo DER and extracts algorithm OID and key octets.
parse_spki_public_key_info_der
Parses SubjectPublicKeyInfo DER and extracts algorithm OID and key bit-string bytes.
pem_file_to_der
Reads one PEM block from file and decodes DER payload for label.
pem_file_to_der_blocks
Reads all matching PEM blocks from file and decodes DER payloads for label.
pem_to_der
Parses PEM armor into DER bytes and verifies expected label markers.
pem_to_der_blocks
Parses all PEM blocks matching label into DER payload bytes.
private_key_der_to_pem_pkcs8
Converts PKCS#8 private-key DER bytes into PEM armor.
private_key_pem_to_der_pkcs8
Parses one PEM PKCS#8 private-key block into DER bytes.
public_key_der_to_pem_spki
Converts SubjectPublicKeyInfo DER bytes into PEM armor.
public_key_pem_to_der_spki
Parses one PEM SPKI public-key block into DER bytes.
rsa_private_key_der_to_pem_pkcs1
Converts PKCS#1 RSA private-key DER bytes into PEM armor.
rsa_private_key_from_pem_pkcs1
Builds RsaPrivateKey from PEM PKCS#1 RSA PRIVATE KEY text.
rsa_private_key_from_pem_pkcs8
Builds RsaPrivateKey from PEM PKCS#8 PRIVATE KEY text.
rsa_private_key_from_pkcs1_der
Builds RsaPrivateKey from PKCS#1 DER bytes.
rsa_private_key_from_pkcs8_der
Builds RsaPrivateKey from PKCS#8 DER bytes for RSA keys.
rsa_private_key_pem_to_der_pkcs1
Parses one PEM PKCS#1 RSA private-key block into DER bytes.
rsa_public_key_der_to_pem_pkcs1
Converts PKCS#1 RSA public-key DER bytes into PEM armor.
rsa_public_key_from_pem_pkcs1
Builds RsaPublicKey from PEM PKCS#1 RSA PUBLIC KEY text.
rsa_public_key_from_pem_spki
Builds RsaPublicKey from PEM SPKI PUBLIC KEY text.
rsa_public_key_from_pkcs1_der
Builds RsaPublicKey from PKCS#1 DER bytes.
rsa_public_key_from_spki_der
Builds RsaPublicKey from DER SPKI bytes for RSA keys.
rsa_public_key_pem_to_der_pkcs1
Parses one PEM PKCS#1 RSA public-key block into DER bytes.
rsa_public_key_to_pem_pkcs1
Serializes RsaPublicKey into PEM PKCS#1 RSA PUBLIC KEY.
rsa_public_key_to_pem_spki
Serializes RsaPublicKey into PEM SPKI PUBLIC KEY.
rsa_public_key_to_spki_der
Serializes RsaPublicKey into SPKI DER using rsaEncryption OID.
validate_certificate_chain
Validates certificate chain with signature enforcement at each hop.
validate_certificate_chain_constraints_only
Validates certificate path constraints without enforcing signature checks.
validate_certificate_chain_strict
Validates certificate chain with explicit strict-signature naming for callers.
validate_certificate_chain_with_options
Validates certificate chain with caller-provided policy/revocation options.
verify_certificate_signature
Verifies one certificate signature using issuer public key material.
write_csr_p256_sha256
Writes a PKCS#10 CSR using ECDSA P-256 SHA-256.
write_csr_rsa_sha256
Writes a PKCS#10 CSR using RSA PKCS#1 v1.5 SHA-256.
write_der_bit_string
Writes DER BIT STRING encoding with zero unused bits.
write_der_integer
Writes DER INTEGER encoding for a positive integer value.
write_der_oid
Writes DER OBJECT IDENTIFIER encoding from content octets.
write_der_sequence
Writes DER SEQUENCE around already-encoded child elements.
write_minimal_certificate_der
Writes a minimal certificate-like DER structure for fixture generation workflows.
write_self_signed_certificate_p256_sha256
Writes a self-signed X.509 v3 certificate using ECDSA P-256 SHA-256.
write_self_signed_certificate_rsa_sha256
Writes a self-signed X.509 v3 certificate using RSA PKCS#1 v1.5 SHA-256.
x448_private_key_from_pem_file_pkcs8
Reads one PKCS#8 PRIVATE KEY PEM file and parses it as X448PrivateKey.
x448_private_key_from_pem_pkcs8
Builds X448PrivateKey from PEM PKCS#8 PRIVATE KEY text.
x448_private_key_from_pkcs8_der
Builds X448PrivateKey from PKCS#8 DER bytes for RFC 8410 X448 keys.
x448_private_key_to_pem_file_pkcs8
Encodes X448PrivateKey as PKCS#8 PEM and writes it to a file.
x448_private_key_to_pem_pkcs8
Serializes X448PrivateKey into PEM PKCS#8 PRIVATE KEY.
x448_private_key_to_pkcs8_der
Serializes X448PrivateKey into PKCS#8 DER (id-X448).
x448_public_key_from_pem_spki
Builds X448PublicKey from PEM SPKI PUBLIC KEY text.
x448_public_key_from_spki_der
Builds X448PublicKey from DER SPKI bytes for RFC 8410 X448 keys.
x448_public_key_to_pem_spki
Serializes X448PublicKey into PEM SPKI PUBLIC KEY.
x448_public_key_to_spki_der
Serializes X448PublicKey into SPKI DER (RFC 8410).
x25519_private_key_from_pem_file_pkcs8
Reads one PKCS#8 PRIVATE KEY PEM file and parses it as X25519PrivateKey.
x25519_private_key_from_pem_pkcs8
Builds X25519PrivateKey from PEM PKCS#8 PRIVATE KEY text.
x25519_private_key_from_pkcs8_der
Builds X25519PrivateKey from PKCS#8 DER bytes for RFC 8410 X25519 keys.
x25519_private_key_to_pem_file_pkcs8
Encodes X25519PrivateKey as PKCS#8 PEM and writes it to a file.
x25519_private_key_to_pem_pkcs8
Serializes X25519PrivateKey into PEM PKCS#8 PRIVATE KEY.
x25519_private_key_to_pkcs8_der
Serializes X25519PrivateKey into PKCS#8 DER (id-X25519).
x25519_public_key_from_pem_spki
Builds X25519PublicKey from PEM SPKI PUBLIC KEY text.
x25519_public_key_from_spki_der
Builds X25519PublicKey from DER SPKI bytes for RFC 8410 X25519 keys.
x25519_public_key_to_pem_spki
Serializes X25519PublicKey into PEM SPKI PUBLIC KEY.
x25519_public_key_to_spki_der
Serializes X25519PublicKey into SPKI DER (RFC 8410).