Struct x509_parser::certificate::X509Certificate[−][src]

pub struct X509Certificate<'a> {
    pub tbs_certificate: TbsCertificate<'a>,
    pub signature_algorithm: AlgorithmIdentifier<'a>,
    pub signature_value: BitStringObject<'a>,
}

Expand description

An X.509 v3 Certificate.

X.509 v3 certificates are defined in RFC5280, section 4.1. This object uses the same structure for content, so for ex the subject can be accessed using the path x509.tbs_certificate.subject.

X509Certificate also contains convenience methods to access the most common fields (subject, issuer, etc.).

A X509Certificate is a zero-copy view over a buffer, so the lifetime is the same as the buffer containing the binary representation.

fn display_x509_info(x509: &X509Certificate<'_>) {
     let subject = x509.subject();
     let issuer = x509.issuer();
     println!("X.509 Subject: {}", subject);
     println!("X.509 Issuer: {}", issuer);
     println!("X.509 serial: {}", x509.tbs_certificate.raw_serial_as_string());
}

Fields

tbs_certificate: TbsCertificate<'a>signature_algorithm: AlgorithmIdentifier<'a>signature_value: BitStringObject<'a>

Implementations

[src]

impl<'a> X509Certificate<'a>

[src]

pub fn version(&self) -> X509Version

Get the version of the encoded certificate

[src]

pub fn subject(&self) -> &X509Name<'_>

Get the certificate subject.

[src]

pub fn issuer(&self) -> &X509Name<'_>

Get the certificate issuer.

[src]

pub fn validity(&self) -> &Validity

Get the certificate validity.

[src]

pub fn public_key(&self) -> &SubjectPublicKeyInfo<'_>

Get the certificate public key information.

[src]

pub fn extensions(&self) -> &[X509Extension<'_>]

Get the certificate extensions.

[src]

pub fn verify_signature(
&self,
public_key: Option<&SubjectPublicKeyInfo<'_>>
) -> Result<(), X509Error>

This is supported on crate feature verify only.

Verify the cryptographic signature of this certificate

public_key is the public key of the signer. For a self-signed certificate, (for ex. a public root certificate authority), this is the key from the certificate, so you can use None.

For a leaf certificate, this is the public key of the certificate that signed it. It is usually an intermediate authority.

Trait Implementations

[src]

impl<'a> Clone for X509Certificate<'a>

[src]

fn clone(&self) -> X509Certificate<'a>

Returns a copy of the value. Read more

1.0.0[src]

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

[src]

impl<'a> Debug for X509Certificate<'a>

[src]

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

[src]

impl<'a> FromDer<'a> for X509Certificate<'a>

[src]

fn from_der(i: &'a [u8 ]) -> X509Result<'_, Self>

Parse a DER-encoded X.509 Certificate, and return the remaining of the input and the built object.

The returned object uses zero-copy, and so has the same lifetime as the input.

Note that only parsing is done, not validation.

Certificate  ::=  SEQUENCE  {
        tbsCertificate       TBSCertificate,
        signatureAlgorithm   AlgorithmIdentifier,
        signatureValue       BIT STRING  }

Example

To parse a certificate and print the subject and issuer:

let res = parse_x509_certificate(DER);
match res {
    Ok((_rem, x509)) => {
        let subject = x509.subject();
        let issuer = x509.issuer();
        println!("X.509 Subject: {}", subject);
        println!("X.509 Issuer: {}", issuer);
    },
    _ => panic!("x509 parsing failed: {:?}", res),
}