Function validate_path 

pub fn validate_path<V>(
    chain: &[Certificate],
    anchors: &[TrustAnchor],
    policy: &ValidationPolicy,
    verifier: &V,
) -> Result<ValidatedPath>
where
    V: SignatureVerifier,

Validate a certificate chain from subject to a trust anchor.

chain must be ordered leaf-first:

• chain[0] is the subject (end-entity) certificate
• chain[1..] are intermediates in issuer order
• The last element of chain must be issued by one of anchors

Validation follows RFC 5280 §6.1. Each certificate’s signature is verified using verifier, with the signing key taken from the next certificate in the chain (or the matching trust anchor for the last cert).

Errors

Returns Err on the first RFC 5280 §6.1 check failure. The error variant includes the chain index of the failing certificate where applicable.

Limitations

See crate-level documentation for v0.1 scope limits.

8 KiB TBSCertificate limit: signature verification re-encodes each TBSCertificate into a fixed 8 KiB stack buffer. Certificates whose TBSCertificate DER encoding exceeds 8 KiB return Error::Der. This is an implementation limit, not a certificate defect. Large government, enterprise, or HSM attestation certificates may trigger this. A heap-backed encoding path is planned for v0.2.

Duplicate certificates in chain (same cert appearing at two indices) are not detected. They will fail signature verification or name linkage with a SignatureInvalid or ChainBroken error rather than a dedicated diagnostic.