Crate pkix_path_builder


RFC 4158 certification path building for pkix_path.

Accepts an unordered collection of certificates (CertPool) and constructs a valid ordered chain suitable for pkix_path::validate_path.

Relationship to pkix-path

pkix-path validates a caller-ordered &[Certificate]. This crate handles the prior step: discovering and ordering that chain from a bag of certificates when the caller does not know the chain order in advance. Cross-certificates and bridge CA topologies are handled here, not in pkix-path.
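The ordering step described above, shown as an added example on a toy certificate model; this is not this crate's code or API. `ToyCert`, `build_chain`, `sample_pool` and all certificate names are hypothetical, and only subject/issuer names are matched, with signature, validity and extension checks left to the validation step.

```rust
// Added illustration: depth-first forward path building over an unordered pool.
// ToyCert, build_chain and sample_pool are hypothetical, not the pkix_path_builder API.
// Only names are matched; signatures, validity and extensions belong to RFC 5280 §6.1.
#[derive(Debug, Clone, PartialEq)]
pub struct ToyCert {
    pub subject: &'static str,
    pub issuer: &'static str,
}

fn c(subject: &'static str, issuer: &'static str) -> ToyCert {
    ToyCert { subject, issuer }
}

/// Returns a chain ordered target-first whose last certificate was issued by
/// one of `anchors`, or None if the pool contains no such path.
pub fn build_chain(target: &ToyCert, pool: &[ToyCert], anchors: &[&str]) -> Option<Vec<ToyCert>> {
    let mut path = vec![target.clone()];
    if extend(&mut path, pool, anchors) { Some(path) } else { None }
}

fn extend(path: &mut Vec<ToyCert>, pool: &[ToyCert], anchors: &[&str]) -> bool {
    let issuer = path.last().unwrap().issuer;
    if anchors.contains(&issuer) {
        return true; // the current tip was issued by a trust anchor
    }
    for cand in pool.iter().filter(|c| c.subject == issuer) {
        // Loop detection: a cross-certificate pair (A -> B, B -> A) would cycle forever.
        if path.iter().any(|p| p.subject == cand.subject) {
            continue;
        }
        path.push(cand.clone());
        if extend(path, pool, anchors) {
            return true;
        }
        path.pop(); // dead end: backtrack and try the next candidate issuer
    }
    false
}

/// Constructed sample: a bridge CA topology with a cross-certificate pair, unordered.
pub fn sample_pool() -> Vec<ToyCert> {
    vec![c("Bridge", "CA A"), c("CA A", "Root A"), c("Root A", "Root A"),
         c("Bridge", "Root B"), c("CA A", "Bridge")]
}

fn main() {
    let target = c("ee.example", "CA A");
    println!("{:?}", build_chain(&target, &sample_pool(), &["Root B"]));
}
```

With `Root B` as the only anchor, the search first follows `CA A` up to the untrusted `Root A`, backtracks, skips the `Bridge` certificate that loops back to `CA A`, and returns the path through the bridge.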

Spec references

  • RFC 4158 — Internet X.509 PKI: Certification Path Building
  • RFC 5280 §6.1 — the validation algorithm this crate feeds into

Limitations

Not yet implemented. See PKIX-y2j.

Structs

CertPool
An unordered collection of certificates used as input to path building.

Enums

Error
Errors returned by path building.

Functions

build_path
Build a certification path from target through certificates in pool to one of the provided trust anchors.

Type Aliases

Result
Result alias for this crate.