Struct x509_parser::certificate::X509Certificate [−][src]
pub struct X509Certificate<'a> {
pub tbs_certificate: TbsCertificate<'a>,
pub signature_algorithm: AlgorithmIdentifier<'a>,
pub signature_value: BitStringObject<'a>,
}
Expand description
An X.509 v3 Certificate.
X.509 v3 certificates are defined in RFC5280, section
4.1. This object uses the same structure for content, so for ex the subject can be accessed
using the path x509.tbs_certificate.subject
.
X509Certificate
also contains convenience methods to access the most common fields (subject,
issuer, etc.).
A X509Certificate
is a zero-copy view over a buffer, so the lifetime is the same as the
buffer containing the binary representation.
fn display_x509_info(x509: &X509Certificate<'_>) {
let subject = x509.subject();
let issuer = x509.issuer();
println!("X.509 Subject: {}", subject);
println!("X.509 Issuer: {}", issuer);
println!("X.509 serial: {}", x509.tbs_certificate.raw_serial_as_string());
}
Fields
tbs_certificate: TbsCertificate<'a>
signature_algorithm: AlgorithmIdentifier<'a>
signature_value: BitStringObject<'a>
Implementations
Get the version of the encoded certificate
Get the certificate public key information.
Get the certificate extensions.
pub fn verify_signature(
&self,
public_key: Option<&SubjectPublicKeyInfo<'_>>
) -> Result<(), X509Error>
This is supported on crate feature verify
only.
pub fn verify_signature(
&self,
public_key: Option<&SubjectPublicKeyInfo<'_>>
) -> Result<(), X509Error>
verify
only.Verify the cryptographic signature of this certificate
public_key
is the public key of the signer. For a self-signed certificate,
(for ex. a public root certificate authority), this is the key from the certificate,
so you can use None
.
For a leaf certificate, this is the public key of the certificate that signed it. It is usually an intermediate authority.
Trait Implementations
Parse a DER-encoded X.509 Certificate, and return the remaining of the input and the built object.
The returned object uses zero-copy, and so has the same lifetime as the input.
Note that only parsing is done, not validation.
Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING }
Example
To parse a certificate and print the subject and issuer:
let res = parse_x509_certificate(DER);
match res {
Ok((_rem, x509)) => {
let subject = x509.subject();
let issuer = x509.issuer();
println!("X.509 Subject: {}", subject);
println!("X.509 Issuer: {}", issuer);
},
_ => panic!("x509 parsing failed: {:?}", res),
}
A parser takes in input type, and returns a Result
containing
either the remaining input and the output value, or an error Read more
Maps a function over the result of a parser
Creates a second parser from the output of the first one, then apply over the rest of the input
Applies a second parser over the output of the first one
Applies a second parser after the first one, return their results as a tuple
Applies a second parser over the input if the first one failed
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
This method tests for !=
.
Auto Trait Implementations
impl<'a> RefUnwindSafe for X509Certificate<'a>
impl<'a> Send for X509Certificate<'a>
impl<'a> Sync for X509Certificate<'a>
impl<'a> Unpin for X509Certificate<'a>
impl<'a> UnwindSafe for X509Certificate<'a>
Blanket Implementations
Mutably borrows from an owned value. Read more