x509_cert/ext/pkix/
authkeyid.rs

1use super::name::GeneralNames;
2use crate::serial_number::SerialNumber;
3
4use const_oid::db::rfc5280::ID_CE_AUTHORITY_KEY_IDENTIFIER;
5use const_oid::{AssociatedOid, ObjectIdentifier};
6use der::asn1::OctetString;
7use der::Sequence;
8
9/// AuthorityKeyIdentifier as defined in [RFC 5280 Section 4.2.1.1].
10///
11/// ```text
12/// AuthorityKeyIdentifier ::= SEQUENCE {
13///     keyIdentifier             [0] KeyIdentifier           OPTIONAL,
14///     authorityCertIssuer       [1] GeneralNames            OPTIONAL,
15///     authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL
16/// }
17///
18/// KeyIdentifier ::= OCTET STRING
19/// ```
20///
21/// [RFC 5280 Section 4.2.1.1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.1
22#[derive(Clone, Debug, Eq, PartialEq, Sequence, Default)]
23#[allow(missing_docs)]
24pub struct AuthorityKeyIdentifier {
25    #[asn1(context_specific = "0", tag_mode = "IMPLICIT", optional = "true")]
26    pub key_identifier: Option<OctetString>,
27
28    #[asn1(context_specific = "1", tag_mode = "IMPLICIT", optional = "true")]
29    pub authority_cert_issuer: Option<GeneralNames>,
30
31    #[asn1(context_specific = "2", tag_mode = "IMPLICIT", optional = "true")]
32    pub authority_cert_serial_number: Option<SerialNumber>,
33}
34
35impl AssociatedOid for AuthorityKeyIdentifier {
36    const OID: ObjectIdentifier = ID_CE_AUTHORITY_KEY_IDENTIFIER;
37}
38
39impl_extension!(AuthorityKeyIdentifier, critical = false);
40impl_key_identifier!(
41    AuthorityKeyIdentifier,
42    (|result: &[u8]| Ok(Self {
43        key_identifier: Some(OctetString::new(result)?),
44        ..Default::default()
45    }))
46);
x509_cert/ext/pkix/authkeyid.rs

x509_cert/ext/pkix/
authkeyid.rs
