TrustDomainPolicy

spiffe_rustls

Enum TrustDomainPolicy 

Source 
pub enum TrustDomainPolicy {
    AnyInBundleSet,
    AllowList(BTreeSet<TrustDomain>),
    LocalOnly(TrustDomain),
}
Expand description

Policy for selecting which trust domains to trust during certificate verification.

When SPIFFE federation is configured, the Workload API delivers trust bundles for multiple trust domains. This policy allows you to restrict which of those bundles are actually used during certificate verification.

This is a defense-in-depth mechanism. The primary trust model comes from the bundle set delivered by the SPIFFE Workload API. This policy provides an additional layer of control over which trust domains are accepted.

Default: AnyInBundleSet - use all bundles provided by the Workload API.

§Examples

use spiffe_rustls::{AllowList, AnyInBundleSet, TrustDomainPolicy};
use std::collections::BTreeSet;

// Default: trust any domain in the bundle set
let policy = AnyInBundleSet;

// Restrict to specific trust domains (using re-exported variant)
let mut allowed = BTreeSet::new();
allowed.insert("broker.example".try_into().unwrap());
let policy = AllowList(allowed);

// You can also use the full path if preferred
let policy = TrustDomainPolicy::default();

Variants§

§

AnyInBundleSet

Default: use all trust domain bundles provided by the Workload API.

When SPIFFE federation is configured, the Workload API delivers bundles for multiple trust domains. This policy accepts all of them, allowing the verifier to automatically select the correct bundle based on the peer’s SPIFFE ID. No additional configuration is needed for federation to work.

§

AllowList(BTreeSet<TrustDomain>)

Restrict to these trust domains only.

Only bundles for these trust domains will be used, even if other bundles are present in the bundle set.

§

LocalOnly(TrustDomain)

Only trust the specified trust domain.

Only bundles for this trust domain will be used, even if the Workload API provides bundles for other trust domains. This restricts certificate verification to a single trust domain.

Implementations§

Source§

impl TrustDomainPolicy

Source

pub fn allows(&self, trust_domain: &TrustDomain) -> bool

Checks if a trust domain is allowed by this policy.

Trait Implementations§

Source§

impl Clone for TrustDomainPolicy

Source§

fn clone(&self) -> TrustDomainPolicy

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for TrustDomainPolicy

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for TrustDomainPolicy

Source§

fn default() -> TrustDomainPolicy

Returns the “default value” for a type. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoRequest<T> for T

Source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
Source§

impl<L> LayerExt<L> for L

Source§

fn named_layer<S>(&self, service: S) -> Layered<<L as Layer<S>>::Service, S>
where L: Layer<S>,

Applies the layer to a service and wraps it in Layered.
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more