Skip to main content

KeyIdMethod

synta_certificate::crypto

Enum KeyIdMethod

pub enum KeyIdMethod {
    Rfc5280Sha1,
    Rfc7093Method1Sha256,
    Rfc7093Method2Sha384,
    Rfc7093Method3Sha512,
    Rfc7093Method4 {
        algorithm_oid: Vec<u32>,
    },
}

Expand description

Method for computing an X.509 key identifier value.

RFC 5280 §4.2.1.2 originally defined a single method (SHA-1 of the subjectPublicKey BIT STRING value). RFC 7093 adds four supplementary methods covering stronger hash algorithms and the full SubjectPublicKeyInfo DER encoding as input:

Method	Input	Hash	Output
RFC 5280	BIT STRING value of `subjectPublicKey`	SHA-1	full 20 bytes
RFC 7093 §2 m1	BIT STRING value of `subjectPublicKey`	SHA-256	leftmost 160 bits (20 bytes)
RFC 7093 §2 m2	BIT STRING value of `subjectPublicKey`	SHA-384	leftmost 160 bits (20 bytes)
RFC 7093 §2 m3	BIT STRING value of `subjectPublicKey`	SHA-512	leftmost 160 bits (20 bytes)
RFC 7093 §2 m4	Full `SubjectPublicKeyInfo` DER encoding	configurable	full hash bytes

Variants§

Rfc5280Sha1

RFC 5280 §4.2.1.2: SHA-1 of the BIT STRING value of subjectPublicKey (full 20 bytes).

Rfc7093Method1Sha256

RFC 7093 §2 method 1: SHA-256 of the BIT STRING value, leftmost 160 bits (20 bytes).

Rfc7093Method2Sha384

RFC 7093 §2 method 2: SHA-384 of the BIT STRING value, leftmost 160 bits (20 bytes).

Rfc7093Method3Sha512

RFC 7093 §2 method 3: SHA-512 of the BIT STRING value, leftmost 160 bits (20 bytes).

Rfc7093Method4

RFC 7093 §2 method 4: hash of the full SubjectPublicKeyInfo DER encoding.

algorithm_oid selects the hash algorithm; the full hash value is used (no truncation). The RFC recommends SHA-256 as the example algorithm.

Fields

§algorithm_oid: Vec<u32>

Implementations§

impl KeyIdMethod

pub fn algorithm_oid(&self) -> &[u32]

OID component array of the hash algorithm used by this method.

pub fn uses_full_spki_der(&self) -> bool

Whether this method hashes the full SubjectPublicKeyInfo DER encoding rather than the BIT STRING value of subjectPublicKey.

Returns true only for Rfc7093Method4.

pub fn apply_output_length(&self, hash: Vec<u8>) -> Vec<u8> ⓘ

Apply the output-length rule for this method.

RFC 7093 methods 1–3 truncate the hash to its leftmost 160 bits (20 bytes). All other methods return the full hash unchanged.

Trait Implementations§

impl Clone for KeyIdMethod

fn clone(&self) -> KeyIdMethod

Returns a duplicate of the value. Read more

1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for KeyIdMethod

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl Freeze for KeyIdMethod

impl RefUnwindSafe for KeyIdMethod

impl Send for KeyIdMethod

impl Sync for KeyIdMethod

impl Unpin for KeyIdMethod

impl UnsafeUnpin for KeyIdMethod

impl UnwindSafe for KeyIdMethod

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.