Struct rustls::client::WebPkiServerVerifier
source · pub struct WebPkiServerVerifier { /* private fields */ }Available on crate feature
dangerous_configuration only.Expand description
Default ServerCertVerifier, see the trait impl for more information.
Implementations§
source§impl WebPkiServerVerifier
impl WebPkiServerVerifier
sourcepub fn new(roots: impl Into<Arc<RootCertStore>>) -> Self
pub fn new(roots: impl Into<Arc<RootCertStore>>) -> Self
Constructs a new WebPkiServerVerifier.
roots is the set of trust anchors to trust for issuing server certs.
sourcepub fn default_supported_verify_schemes() -> Vec<SignatureScheme>
pub fn default_supported_verify_schemes() -> Vec<SignatureScheme>
Which signature verification schemes the webpki crate supports.
sourcepub fn default_verify_tls12_signature(
message: &[u8],
cert: &CertificateDer<'_>,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
pub fn default_verify_tls12_signature( message: &[u8], cert: &CertificateDer<'_>, dss: &DigitallySignedStruct ) -> Result<HandshakeSignatureValid, Error>
A full implementation of ServerCertVerifier::verify_tls12_signature or
ClientCertVerifier::verify_tls12_signature.
sourcepub fn default_verify_tls13_signature(
message: &[u8],
cert: &CertificateDer<'_>,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
pub fn default_verify_tls13_signature( message: &[u8], cert: &CertificateDer<'_>, dss: &DigitallySignedStruct ) -> Result<HandshakeSignatureValid, Error>
A full implementation of ServerCertVerifier::verify_tls13_signature or
ClientCertVerifier::verify_tls13_signature.
Trait Implementations§
source§impl ServerCertVerifier for WebPkiServerVerifier
impl ServerCertVerifier for WebPkiServerVerifier
source§fn verify_server_cert(
&self,
end_entity: &CertificateDer<'_>,
intermediates: &[CertificateDer<'_>],
server_name: &ServerName,
ocsp_response: &[u8],
now: SystemTime
) -> Result<ServerCertVerified, Error>
fn verify_server_cert( &self, end_entity: &CertificateDer<'_>, intermediates: &[CertificateDer<'_>], server_name: &ServerName, ocsp_response: &[u8], now: SystemTime ) -> Result<ServerCertVerified, Error>
Will verify the certificate is valid in the following ways:
- Signed by a trusted
RootCertStoreCA - Not Expired
- Valid for DNS entry
source§fn verify_tls12_signature(
&self,
message: &[u8],
cert: &CertificateDer<'_>,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls12_signature( &self, message: &[u8], cert: &CertificateDer<'_>, dss: &DigitallySignedStruct ) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
source§fn verify_tls13_signature(
&self,
message: &[u8],
cert: &CertificateDer<'_>,
dss: &DigitallySignedStruct
) -> Result<HandshakeSignatureValid, Error>
fn verify_tls13_signature( &self, message: &[u8], cert: &CertificateDer<'_>, dss: &DigitallySignedStruct ) -> Result<HandshakeSignatureValid, Error>
Verify a signature allegedly by the given server certificate. Read more
source§fn supported_verify_schemes(&self) -> Vec<SignatureScheme>
fn supported_verify_schemes(&self) -> Vec<SignatureScheme>
Return the list of SignatureSchemes that this verifier will handle,
in
verify_tls12_signature and verify_tls13_signature calls. Read moreAuto Trait Implementations§
impl RefUnwindSafe for WebPkiServerVerifier
impl Send for WebPkiServerVerifier
impl Sync for WebPkiServerVerifier
impl Unpin for WebPkiServerVerifier
impl UnwindSafe for WebPkiServerVerifier
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more