Struct rustls::sign::CertifiedKey[−][src]

[+] Show declaration

pub struct CertifiedKey {
    pub cert: Vec<Certificate>,
    pub key: Arc<Box<dyn SigningKey>>,
    pub ocsp: Option<Vec<u8>>,
    pub sct_list: Option<Vec<u8>>,
}

A packaged-together certificate chain, matching SigningKey and optional stapled OCSP response and/or SCT list.

Fields

cert: Vec<Certificate>

The certificate chain.

key: Arc<Box<dyn SigningKey>>

The certified key.

ocsp: Option<Vec<u8>>

An optional OCSP response from the certificate issuer, attesting to its continued validity.

sct_list: Option<Vec<u8>>

An optional collection of SCTs from CT logs, proving the certificate is included on those logs. This must be a SignedCertificateTimestampList encoding; see RFC6962.

Implementations

`impl CertifiedKey`[src][−]

`pub fn new( cert: Vec<Certificate>, key: Arc<Box<dyn SigningKey>> ) -> CertifiedKey`[src][−]

Make a new CertifiedKey, with the given chain and key.

The cert chain must not be empty. The first certificate in the chain must be the end-entity certificate.

`pub fn end_entity_cert(&self) -> Result<&Certificate, ()>`[src][−]

The end-entity certificate.

`pub fn take_cert(&mut self) -> Vec<Certificate>`[src][−]

Steal ownership of the certificate chain.

`pub fn has_ocsp(&self) -> bool`[src][−]

Return true if there’s an OCSP response.

`pub fn take_ocsp(&mut self) -> Option<Vec<u8>>`[src][−]

Steal ownership of the OCSP response.

`pub fn has_sct_list(&self) -> bool`[src][−]

Return true if there’s an SCT list.

`pub fn take_sct_list(&mut self) -> Option<Vec<u8>>`[src][−]

Steal ownership of the SCT list.

`pub fn cross_check_end_entity_cert( &self, name: Option<DNSNameRef<'_>> ) -> Result<(), TLSError>`[src][−]

Check the certificate chain for validity:

it should be non-empty list
the first certificate should be parsable as a x509v3,
the first certificate should quote the given server name (if provided)

These checks are not security-sensitive. They are the server attempting to detect accidental misconfiguration.

Trait Implementations

`impl Clone for CertifiedKey`[src][+]

[+] Show hidden undocumented items

`fn clone(&self) -> CertifiedKey`[src][−]

`pub fn clone_from(&mut self, source: &Self)`1.0.0[src][−]

Auto Trait Implementations

`impl !RefUnwindSafe for CertifiedKey`

`impl Send for CertifiedKey`

`impl Sync for CertifiedKey`

`impl Unpin for CertifiedKey`

`impl !UnwindSafe for CertifiedKey`

Blanket Implementations

`impl<T> Any for T where T: 'static + ?Sized,` [src][+]

[+] Show hidden undocumented items

`pub fn type_id(&self) -> TypeId`[src][−]

`impl<T> Borrow<T> for T where T: ?Sized,` [src][+]

[+] Show hidden undocumented items

`pub fn borrow(&self) -> &T`[src][−]

`impl<T> BorrowMut<T> for T where T: ?Sized,` [src][+]

[+] Show hidden undocumented items

`pub fn borrow_mut(&mut self) -> &mut T`[src][−]

`impl<T> From<T> for T`[src][+]

[+] Show hidden undocumented items

`pub fn from(t: T) -> T`[src][−]

`impl<T, U> Into<U> for T where U: From<T>,` [src][+]

[+] Show hidden undocumented items

`pub fn into(self) -> U`[src][−]

`impl<T> ToOwned for T where T: Clone,` [src][+]

[+] Show hidden undocumented items

`type Owned = T`

The resulting type after obtaining ownership.

`pub fn to_owned(&self) -> T`[src][−]

`pub fn clone_into(&self, target: &mut T)`[src][−]

`impl<T, U> TryFrom<U> for T where U: Into<T>,` [src][+]

[+] Show hidden undocumented items

`type Error = Infallible`

The type returned in the event of a conversion error.

`pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>`[src][−]

`impl<T, U> TryInto<U> for T where U: TryFrom<T>,` [src][+]

[+] Show hidden undocumented items

`type Error = <U as TryFrom<T>>::Error`

The type returned in the event of a conversion error.

`pub fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>`[src][−]