Skip to main content

Certificate

security::certificate

Struct Certificate 

Source 
pub struct Certificate { /* private fields */ }
Expand description

Wraps SecCertificateRef.

Implementations§

Source§

impl Certificate

Source

pub fn type_id() -> usize

Wraps the corresponding SecCertificateRef operation.

Source

pub fn from_der(der: &[u8]) -> Result<Self>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/11_cms_cert_bag.rs (line 7)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::from_der(&support::fixture("test-cert.der"))?;
8    let encoded = Cms::encode_supporting_certificates(&[certificate])?;
9    let decoded = Cms::decode_all_certificates(&encoded)?;
10    println!("cms_len={} certs={}", encoded.len(), decoded.len());
11    Ok(())
12}
More examples
Hide additional examples
examples/05_trust_evaluate.rs (line 7)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::from_der(&support::fixture("test-cert.der"))?;
8    let policy = Policy::basic_x509()?;
9    let mut trust = Trust::new(&certificate, &[policy])?;
10    trust.set_anchor_certificates(&[certificate])?;
11    trust.set_anchor_certificates_only(true)?;
12    trust.set_network_fetch_allowed(false)?;
13    trust.evaluate()?;
14    println!("chain_len={}", trust.certificate_chain()?.len());
15    Ok(())
16}
Source

pub fn import_item( data: &[u8], file_name_or_extension: Option<&str>, format: ExternalFormat, item_type: ExternalItemType, ) -> Result<Self>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/03_certificate_inspect.rs (lines 7-12)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::import_item(
8        &support::fixture("test-cert.pem"),
9        Some(".pem"),
10        ExternalFormat::Unknown,
11        ExternalItemType::Certificate,
12    )?;
13    let exported_pem = certificate.export_item(ExternalFormat::X509Certificate, true)?;
14    println!(
15        "subject={:?} emails={:?} serial_len={} exported_pem_len={}",
16        certificate.subject_summary()?,
17        certificate.email_addresses()?,
18        certificate.serial_number()?.len(),
19        exported_pem.len()
20    );
21    Ok(())
22}
Source

pub fn export_item( &self, format: ExternalFormat, pem_armour: bool, ) -> Result<Vec<u8>>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/03_certificate_inspect.rs (line 13)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::import_item(
8        &support::fixture("test-cert.pem"),
9        Some(".pem"),
10        ExternalFormat::Unknown,
11        ExternalItemType::Certificate,
12    )?;
13    let exported_pem = certificate.export_item(ExternalFormat::X509Certificate, true)?;
14    println!(
15        "subject={:?} emails={:?} serial_len={} exported_pem_len={}",
16        certificate.subject_summary()?,
17        certificate.email_addresses()?,
18        certificate.serial_number()?.len(),
19        exported_pem.len()
20    );
21    Ok(())
22}
Source

pub fn from_pem(pem: &[u8]) -> Result<Self>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/14_key_import_sign_verify.rs (line 16)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let raw_key = PrivateKey::from_data(
8        &support::fixture("test-key-rsa.pkcs1.der"),
9        KeyType::Rsa,
10        2048,
11    )?;
12    let signature = raw_key.sign(
13        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
14        b"security-rs",
15    )?;
16    let certificate = Certificate::from_pem(&support::fixture("test-cert.pem"))?;
17    let verified = certificate.public_key()?.verify_signature(
18        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
19        b"security-rs",
20        &signature,
21    )?;
22    println!("signature_len={} verified={verified}", signature.len());
23    Ok(())
24}
More examples
Hide additional examples
examples/15_key_encrypt_export.rs (line 25)
5fn main() -> Result<(), Box<dyn std::error::Error>> {
6    let private_key = PrivateKey::from_data(
7        &std::fs::read("tests/fixtures/test-key-rsa.pkcs1.der")?,
8        KeyType::Rsa,
9        2048,
10    )?;
11    let public_key = private_key.public_key()?;
12
13    let ciphertext = public_key.encrypt(
14        EncryptionAlgorithm::RsaEncryptionOaepSha256,
15        b"security-rs example",
16    )?;
17    let plaintext =
18        private_key.decrypt(EncryptionAlgorithm::RsaEncryptionOaepSha256, &ciphertext)?;
19    assert_eq!(plaintext, b"security-rs example");
20
21    let signature = private_key.sign(
22        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
23        b"security-rs example",
24    )?;
25    let certificate = Certificate::from_pem(&std::fs::read("tests/fixtures/test-cert.pem")?)?;
26    assert!(certificate.public_key()?.verify_signature(
27        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
28        b"security-rs example",
29        &signature,
30    )?);
31
32    println!(
33        "key_type_id={} block_size={} exported_private={} exported_public={}",
34        PrivateKey::type_id(),
35        public_key.block_size(),
36        private_key.external_representation()?.len(),
37        public_key.external_representation()?.len(),
38    );
39
40    Ok(())
41}
Source

pub fn subject_summary(&self) -> Result<Option<String>>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/02_identity_pkcs12.rs (line 14)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let identity =
8        Identity::import_pkcs12_first(&support::fixture("test-identity.p12"), "password")?;
9    let certificate = identity.certificate()?;
10    println!(
11        "label={:?} chain_count={} subject={:?}",
12        identity.label()?,
13        identity.chain_count(),
14        certificate.subject_summary()?
15    );
16    Ok(())
17}
More examples
Hide additional examples
examples/03_certificate_inspect.rs (line 16)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::import_item(
8        &support::fixture("test-cert.pem"),
9        Some(".pem"),
10        ExternalFormat::Unknown,
11        ExternalItemType::Certificate,
12    )?;
13    let exported_pem = certificate.export_item(ExternalFormat::X509Certificate, true)?;
14    println!(
15        "subject={:?} emails={:?} serial_len={} exported_pem_len={}",
16        certificate.subject_summary()?,
17        certificate.email_addresses()?,
18        certificate.serial_number()?.len(),
19        exported_pem.len()
20    );
21    Ok(())
22}
Source

pub fn common_name(&self) -> Result<Option<String>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn email_addresses(&self) -> Result<Vec<String>>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/03_certificate_inspect.rs (line 17)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::import_item(
8        &support::fixture("test-cert.pem"),
9        Some(".pem"),
10        ExternalFormat::Unknown,
11        ExternalItemType::Certificate,
12    )?;
13    let exported_pem = certificate.export_item(ExternalFormat::X509Certificate, true)?;
14    println!(
15        "subject={:?} emails={:?} serial_len={} exported_pem_len={}",
16        certificate.subject_summary()?,
17        certificate.email_addresses()?,
18        certificate.serial_number()?.len(),
19        exported_pem.len()
20    );
21    Ok(())
22}
Source

pub fn normalized_subject_sequence(&self) -> Result<Vec<u8>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn normalized_issuer_sequence(&self) -> Result<Vec<u8>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn serial_number(&self) -> Result<Vec<u8>>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/03_certificate_inspect.rs (line 18)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let certificate = Certificate::import_item(
8        &support::fixture("test-cert.pem"),
9        Some(".pem"),
10        ExternalFormat::Unknown,
11        ExternalItemType::Certificate,
12    )?;
13    let exported_pem = certificate.export_item(ExternalFormat::X509Certificate, true)?;
14    println!(
15        "subject={:?} emails={:?} serial_len={} exported_pem_len={}",
16        certificate.subject_summary()?,
17        certificate.email_addresses()?,
18        certificate.serial_number()?.len(),
19        exported_pem.len()
20    );
21    Ok(())
22}
Source

pub fn not_valid_before(&self) -> Result<Option<SystemTime>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn not_valid_after(&self) -> Result<Option<SystemTime>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn der_data(&self) -> Result<Vec<u8>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn public_key(&self) -> Result<PublicKey>

Wraps the corresponding SecCertificateRef operation.

Examples found in repository?
examples/14_key_import_sign_verify.rs (line 17)
6fn main() -> Result<(), Box<dyn std::error::Error>> {
7    let raw_key = PrivateKey::from_data(
8        &support::fixture("test-key-rsa.pkcs1.der"),
9        KeyType::Rsa,
10        2048,
11    )?;
12    let signature = raw_key.sign(
13        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
14        b"security-rs",
15    )?;
16    let certificate = Certificate::from_pem(&support::fixture("test-cert.pem"))?;
17    let verified = certificate.public_key()?.verify_signature(
18        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
19        b"security-rs",
20        &signature,
21    )?;
22    println!("signature_len={} verified={verified}", signature.len());
23    Ok(())
24}
More examples
Hide additional examples
examples/15_key_encrypt_export.rs (line 26)
5fn main() -> Result<(), Box<dyn std::error::Error>> {
6    let private_key = PrivateKey::from_data(
7        &std::fs::read("tests/fixtures/test-key-rsa.pkcs1.der")?,
8        KeyType::Rsa,
9        2048,
10    )?;
11    let public_key = private_key.public_key()?;
12
13    let ciphertext = public_key.encrypt(
14        EncryptionAlgorithm::RsaEncryptionOaepSha256,
15        b"security-rs example",
16    )?;
17    let plaintext =
18        private_key.decrypt(EncryptionAlgorithm::RsaEncryptionOaepSha256, &ciphertext)?;
19    assert_eq!(plaintext, b"security-rs example");
20
21    let signature = private_key.sign(
22        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
23        b"security-rs example",
24    )?;
25    let certificate = Certificate::from_pem(&std::fs::read("tests/fixtures/test-cert.pem")?)?;
26    assert!(certificate.public_key()?.verify_signature(
27        SignatureAlgorithm::RsaSignatureMessagePkcs1v15Sha256,
28        b"security-rs example",
29        &signature,
30    )?);
31
32    println!(
33        "key_type_id={} block_size={} exported_private={} exported_public={}",
34        PrivateKey::type_id(),
35        public_key.block_size(),
36        private_key.external_representation()?.len(),
37        public_key.external_representation()?.len(),
38    );
39
40    Ok(())
41}
Source

pub fn add_to_keychain(&self) -> Result<()>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn values(&self, keys: &[&str]) -> Result<Value>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn long_description(&self) -> Result<String>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn short_description(&self) -> Result<String>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn preferred(name: &str, key_usage: &[&str]) -> Result<Option<Self>>

Wraps the corresponding SecCertificateRef operation.

Source

pub fn set_preferred( certificate: Option<&Self>, name: &str, key_usage: &[&str], ) -> Result<()>

Wraps the corresponding SecCertificateRef operation.

Trait Implementations§

Source§

impl Debug for Certificate

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.