Struct VecLogger

Source

pub struct VecLogger { /* private fields */ }

Available on crate feature validate only.

Expand description

Simple Logger for Validator trait, storing messages in Vec

Implementations§

Source §

impl VecLogger

Source

pub fn warnings(&self) -> &[String]

Get stored warnings

Examples found in repository ?

examples/print-cert.rs (line 195)

155fn print_x509_info(x509: &X509Certificate) -> io::Result<()> {
156    let version = x509.version();
157    if version.0 < 3 {
158        println!("  Version: {}", version);
159    } else {
160        println!("  Version: INVALID({})", version.0);
161    }
162    println!("  Serial: {}", x509.tbs_certificate.raw_serial_as_string());
163    println!("  Subject: {}", x509.subject());
164    println!("  Issuer: {}", x509.issuer());
165    println!("  Validity:");
166    println!("    NotBefore: {}", x509.validity().not_before);
167    println!("    NotAfter:  {}", x509.validity().not_after);
168    println!("    is_valid:  {}", x509.validity().is_valid());
169    println!("  Subject Public Key Info:");
170    print_x509_ski(x509.public_key());
171    print_x509_signature_algorithm(&x509.signature_algorithm, 4);
172
173    println!("  Signature Value:");
174    for l in format_number_to_hex_with_colon(&x509.signature_value.data, 16) {
175        println!("      {}", l);
176    }
177    println!("  Extensions:");
178    for ext in x509.extensions() {
179        print_x509_extension(&ext.oid, ext);
180    }
181    println!();
182    print!("Structure validation status: ");
183    #[cfg(feature = "validate")]
184    {
185        let mut logger = VecLogger::default();
186        // structure validation status
187        let ok = X509StructureValidator
188            .chain(X509CertificateValidator)
189            .validate(x509, &mut logger);
190        if ok {
191            println!("Ok");
192        } else {
193            println!("FAIL");
194        }
195        for warning in logger.warnings() {
196            println!("  [W] {}", warning);
197        }
198        for error in logger.errors() {
199            println!("  [E] {}", error);
200        }
201        println!();
202        if VALIDATE_ERRORS_FATAL && !logger.errors().is_empty() {
203            return Err(io::Error::new(io::ErrorKind::Other, "validation failed"));
204        }
205    }
206    #[cfg(not(feature = "validate"))]
207    {
208        println!("Unknown (feature 'validate' not enabled)");
209    }
210    #[cfg(feature = "verify")]
211    {
212        print!("Signature verification: ");
213        if x509.subject() == x509.issuer() {
214            if x509.verify_signature(None).is_ok() {
215                println!("OK");
216                println!("  [I] certificate is self-signed");
217            } else if x509.subject() == x509.issuer() {
218                println!("FAIL");
219                println!("  [W] certificate looks self-signed, but signature verification failed");
220            }
221        } else {
222            // if subject is different from issuer, we cannot verify certificate without the public key of the issuer
223            println!("N/A");
224        }
225    }
226    Ok(())
227}

Source

pub fn errors(&self) -> &[String]

Get stored errors

Examples found in repository ?

examples/print-cert.rs (line 198)

155fn print_x509_info(x509: &X509Certificate) -> io::Result<()> {
156    let version = x509.version();
157    if version.0 < 3 {
158        println!("  Version: {}", version);
159    } else {
160        println!("  Version: INVALID({})", version.0);
161    }
162    println!("  Serial: {}", x509.tbs_certificate.raw_serial_as_string());
163    println!("  Subject: {}", x509.subject());
164    println!("  Issuer: {}", x509.issuer());
165    println!("  Validity:");
166    println!("    NotBefore: {}", x509.validity().not_before);
167    println!("    NotAfter:  {}", x509.validity().not_after);
168    println!("    is_valid:  {}", x509.validity().is_valid());
169    println!("  Subject Public Key Info:");
170    print_x509_ski(x509.public_key());
171    print_x509_signature_algorithm(&x509.signature_algorithm, 4);
172
173    println!("  Signature Value:");
174    for l in format_number_to_hex_with_colon(&x509.signature_value.data, 16) {
175        println!("      {}", l);
176    }
177    println!("  Extensions:");
178    for ext in x509.extensions() {
179        print_x509_extension(&ext.oid, ext);
180    }
181    println!();
182    print!("Structure validation status: ");
183    #[cfg(feature = "validate")]
184    {
185        let mut logger = VecLogger::default();
186        // structure validation status
187        let ok = X509StructureValidator
188            .chain(X509CertificateValidator)
189            .validate(x509, &mut logger);
190        if ok {
191            println!("Ok");
192        } else {
193            println!("FAIL");
194        }
195        for warning in logger.warnings() {
196            println!("  [W] {}", warning);
197        }
198        for error in logger.errors() {
199            println!("  [E] {}", error);
200        }
201        println!();
202        if VALIDATE_ERRORS_FATAL && !logger.errors().is_empty() {
203            return Err(io::Error::new(io::ErrorKind::Other, "validation failed"));
204        }
205    }
206    #[cfg(not(feature = "validate"))]
207    {
208        println!("Unknown (feature 'validate' not enabled)");
209    }
210    #[cfg(feature = "verify")]
211    {
212        print!("Signature verification: ");
213        if x509.subject() == x509.issuer() {
214            if x509.verify_signature(None).is_ok() {
215                println!("OK");
216                println!("  [I] certificate is self-signed");
217            } else if x509.subject() == x509.issuer() {
218                println!("FAIL");
219                println!("  [W] certificate looks self-signed, but signature verification failed");
220            }
221        } else {
222            // if subject is different from issuer, we cannot verify certificate without the public key of the issuer
223            println!("N/A");
224        }
225    }
226    Ok(())
227}