validate_path

Function validate_path 

pub fn validate_path<V>(
    chain: &[Certificate],
    anchors: &[TrustAnchor],
    policy: &ValidationPolicy,
    verifier: &V,
) -> Result<ValidatedPath>

Validate a certificate chain from subject to a trust anchor.

chain must be ordered leaf-first:

  • chain[0] is the subject (end-entity) certificate
  • chain[1..] are intermediates in issuer order
  • The last element of chain must be issued by one of anchors

Validation follows RFC 5280 §6.1. Each certificate’s signature is verified using verifier, with the signing key taken from the next certificate in the chain (or from the matching trust anchor for the last certificate).

§Errors

Returns Err(Error::NoTrustedPath) if chain is empty or anchors is empty. On success, chain is therefore guaranteed to contain at least one certificate.

Returns Err on the first RFC 5280 §6.1 check failure. The error variant includes the chain index of the failing certificate where applicable.
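
The leaf-first walk and the index-carrying errors described above, as an added illustration that is not this crate's code or API. ToyCert, ToyAnchor, ToyError and toy_validate are hypothetical stand-ins, an integer comparison stands in for signature verification, and the other RFC 5280 §6.1 checks are left out.

```rust
// Toy model for illustration only: these types are NOT the crate's API.
#[derive(Debug, PartialEq)]
pub enum ToyError {
    NoTrustedPath,
    IssuerMismatch { index: usize },
    BadSignature { index: usize },
}

pub struct ToyCert { pub subject: &'static str, pub issuer: &'static str, pub key: u32, pub signed_with: u32 }
pub struct ToyAnchor { pub name: &'static str, pub key: u32 }

/// Walk a leaf-first chain; return the number of certificates checked.
pub fn toy_validate(chain: &[ToyCert], anchors: &[ToyAnchor]) -> Result<usize, ToyError> {
    if chain.is_empty() || anchors.is_empty() {
        return Err(ToyError::NoTrustedPath);
    }
    for (index, cert) in chain.iter().enumerate() {
        // Signing key comes from the next certificate, or from the
        // matching anchor when this is the last certificate.
        let signer_key = match chain.get(index + 1) {
            Some(next) if next.subject == cert.issuer => next.key,
            Some(_) => return Err(ToyError::IssuerMismatch { index }),
            None => match anchors.iter().find(|a| a.name == cert.issuer) {
                Some(anchor) => anchor.key,
                None => return Err(ToyError::NoTrustedPath),
            },
        };
        // Stand-in for real signature verification (constructed model).
        if cert.signed_with != signer_key {
            return Err(ToyError::BadSignature { index });
        }
    }
    Ok(chain.len())
}

/// Constructed sample chain: leaf <- intermediate <- root anchor.
pub fn sample_chain() -> Vec<ToyCert> {
    vec![
        ToyCert { subject: "leaf", issuer: "int", key: 1, signed_with: 2 },
        ToyCert { subject: "int", issuer: "root", key: 2, signed_with: 3 },
    ]
}

fn main() {
    let anchors = [ToyAnchor { name: "root", key: 3 }];
    let mut chain = sample_chain();
    println!("leaf-first: {:?}", toy_validate(&chain, &anchors));
    chain.reverse(); // intermediate first: wrong order
    println!("reversed:   {:?}", toy_validate(&chain, &anchors));
}
```

In this model a chain supplied in the wrong order fails at index 0 with an issuer mismatch, before any signature comparison happens.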

§Limitations

See crate-level documentation for current scope limits.