Enum tugger_apple_codesign::KnownCertificate[][src]

pub enum KnownCertificate {

Show 17 variants    AppleComputerIncRoot,
    AppleRootCa,
    AppleRootCaG2Root,
    AppleRootCaG3Root,
    AppleIstCa2G1,
    AppleIstCa8G1,
    ApplicationIntegration,
    ApplicationIntegration2,
    ApplicationIntegrationG3,
    AppleApplicationIntegrationCa5G1,
    DeveloperAuthentication,
    DeveloperId,
    SoftwareUpdate,
    Timestamp,
    Wwdr2023,
    Wwdr2030,
    WwdrG2,

}
Expand description

Defines all known Apple certificates.

This crate embeds the raw certificate data for the various known Apple certificate authorities, as advertised at https://www.apple.com/certificateauthority/.

This enumeration defines all the ones we know about. Instances can be dereferenced into concrete CapturedX509Certificate to get at the underlying certificate and access its metadata.

Variants

AppleComputerIncRoot

Apple Computer, Inc. Root Certificate.

C = US, O = “Apple Computer, Inc.”, OU = Apple Computer Certificate Authority, CN = Apple Root Certificate Authority

AppleRootCa

Apple Inc. Root Certificate

C = US, O = Apple Inc., OU = Apple Certification Authority, CN = Apple Root CA

AppleRootCaG2Root

Apple Root CA - G2 Root Certificate

CN = Apple Root CA - G2, OU = Apple Certification Authority, O = Apple Inc., C = US

AppleRootCaG3Root

Apple Root CA - G3 Root Certificate

CN = Apple Root CA - G3, OU = Apple Certification Authority, O = Apple Inc., C = US

AppleIstCa2G1

Apple IST CA 2 - G1 Certificate

CN = Apple IST CA 2 - G1, OU = Certification Authority, O = Apple Inc., C = US

AppleIstCa8G1

Apple IST CA 8 - G1 Certificate

CN = Apple IST CA 8 - G1, OU = Certification Authority, O = Apple Inc., C = US

ApplicationIntegration

Application Integration Certificate

C = US, O = Apple Inc., OU = Apple Certification Authority, CN = Apple Application Integration Certification Authority

ApplicationIntegration2

Application Integration 2 Certificate

CN = Apple Application Integration 2 Certification Authority, OU = Apple Certification Authority, O = Apple Inc., C = US

ApplicationIntegrationG3

Application Integration - G3 Certificate

CN = Apple Application Integration CA - G3, OU = Apple Certification Authority, O = Apple Inc., C = US

AppleApplicationIntegrationCa5G1

Apple Application Integration CA 5 - G1 Certificate

CN = Apple Application Integration CA 5 - G1, OU = Apple Certification Authority, O = Apple Inc., C = US

DeveloperAuthentication

Developer Authentication Certificate

CN = Developer Authentication Certification Authority, OU = Apple Worldwide Developer Relations, O = Apple Inc., C = US

DeveloperId

Developer ID Certificate

CN = Developer ID Certification Authority, OU = Apple Certification Authority, O = Apple Inc., C = US

SoftwareUpdate

Software Update Certificate

CN = Apple Software Update Certification Authority, OU = Certification Authority, O = Apple Inc., C = US

Timestamp

Timestamp Certificate

CN = Apple Timestamp Certification Authority, OU = Apple Certification Authority, O = Apple Inc., C = US

Wwdr2023

WWDR Certificate (Expiring 02/07/2023 21:48:47 UTC)

C = US, O = Apple Inc., OU = Apple Worldwide Developer Relations, CN = Apple Worldwide Developer Relations Certification Authority

Wwdr2030

WWDR Certificate (Expiring 02/20/2030 12:00:00 UTC)

CN = Apple Worldwide Developer Relations Certification Authority, OU = G3, O = Apple Inc., C = US

WwdrG2

Worldwide Developer Relations - G2 Certificate

CN = Apple Worldwide Developer Relations CA - G2, OU = Apple Certification Authority, O = Apple Inc., C = US

Implementations

Obtain a slice of all known KnownCertificate.

If you want to iterate over all certificates and find one, you can use this.

All of Apple’s known root certificate authority certificates.

Methods from Deref<Target = CapturedX509Certificate>

Obtain the DER data that was used to construct this instance.

The data is guaranteed to not have been modified since the instance was constructed.

Encode the original contents of this certificate to PEM.

Verify that another certificate, other, signed this certificate.

If this is a self-signed certificate, you can pass self as the 2nd argument.

This function isn’t exposed on X509Certificate because the exact bytes constituting the certificate’s internals need to be consulted to verify signatures. And since this type tracks the underlying bytes, we are guaranteed to have a pristine copy.

Verify a signature over signed data perportedly signed by this certificate.

Verifies that this certificate was cryptographically signed using raw public key data from a signing key.

This function does the low-level work of extracting the signature and verification details from the current certificate and figuring out the correct combination of cryptography settings to apply to perform signature verification.

In many cases, an X.509 certificate is signed by another certificate. And since the public key is embedded in the X.509 certificate, it is easier to go through Self::verify_signed_by_certificate instead.

Attempt to find the issuing certificate of this one.

Given an iterable of certificates, we find the first certificate where we are able to verify that our signature was made by their public key.

This function can yield false negatives for cases where we don’t support the signature algorithm on the incoming certificates.

Attempt to resolve the signing chain of this certificate.

Given an iterable of certificates, we recursively resolve the chain of certificates that signed this one until we are no longer able to find any more certificates in the input set.

Like Self::find_signing_certificate, this can yield false negatives (read: an incomplete chain) due to run-time failures, such as lack of support for a certificate’s signature algorithm.

As a certificate is encountered, it is removed from the set of future candidates.

The traversal ends when we get to an identical certificate (its DER data is equivalent) or we couldn’t find a certificate in the remaining set that signed the last one.

Because we need to recursively verify certificates, the incoming iterator is buffered.

Trait Implementations

Performs the conversion.

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

The resulting type after dereferencing.

Dereferences the value.

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

The type returned in the event of a conversion error.

Performs the conversion.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Compare self to key and return true if they are equal.

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Performs the conversion.

Should always be Self

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

recently added

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.