Struct rustls::sign::CertifiedKey [−][src]
A packaged-together certificate chain, matching SigningKey
and
optional stapled OCSP response and/or SCT list.
Fields
cert: Vec<Certificate>
The certificate chain.
key: Arc<Box<dyn SigningKey>>
The certified key.
ocsp: Option<Vec<u8>>
An optional OCSP response from the certificate issuer, attesting to its continued validity.
sct_list: Option<Vec<u8>>
An optional collection of SCTs from CT logs, proving the
certificate is included on those logs. This must be
a SignedCertificateTimestampList
encoding; see RFC6962.
Implementations
impl CertifiedKey
[src]
pub fn new(
cert: Vec<Certificate>,
key: Arc<Box<dyn SigningKey>>
) -> CertifiedKey
[src]
cert: Vec<Certificate>,
key: Arc<Box<dyn SigningKey>>
) -> CertifiedKey
Make a new CertifiedKey, with the given chain and key.
The cert chain must not be empty. The first certificate in the chain must be the end-entity certificate.
pub fn end_entity_cert(&self) -> Result<&Certificate, ()>
[src]
The end-entity certificate.
pub fn take_cert(&mut self) -> Vec<Certificate>
[src]
Steal ownership of the certificate chain.
pub fn has_ocsp(&self) -> bool
[src]
Return true if there’s an OCSP response.
pub fn take_ocsp(&mut self) -> Option<Vec<u8>>
[src]
Steal ownership of the OCSP response.
pub fn has_sct_list(&self) -> bool
[src]
Return true if there’s an SCT list.
pub fn take_sct_list(&mut self) -> Option<Vec<u8>>
[src]
Steal ownership of the SCT list.
pub fn cross_check_end_entity_cert(
&self,
name: Option<DNSNameRef<'_>>
) -> Result<(), TLSError>
[src]
&self,
name: Option<DNSNameRef<'_>>
) -> Result<(), TLSError>
Check the certificate chain for validity:
- it should be non-empty list
- the first certificate should be parsable as a x509v3,
- the first certificate should quote the given server name (if provided)
These checks are not security-sensitive. They are the server attempting to detect accidental misconfiguration.
Trait Implementations
impl Clone for CertifiedKey
[src]
fn clone(&self) -> CertifiedKey
[src]
pub fn clone_from(&mut self, source: &Self)
1.0.0[src]
Auto Trait Implementations
impl !RefUnwindSafe for CertifiedKey
impl Send for CertifiedKey
impl Sync for CertifiedKey
impl Unpin for CertifiedKey
impl !UnwindSafe for CertifiedKey
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
[src]
pub fn clone_into(&self, target: &mut T)
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,