Struct rocket::mtls::x509::CertificateRevocationList
pub struct CertificateRevocationList<'a> {
pub tbs_cert_list: TbsCertList<'a>,
pub signature_algorithm: AlgorithmIdentifier<'a>,
pub signature_value: BitStringObject<'a>,
}
Available on crate feature
mtls
only.Expand description
An X.509 v2 Certificate Revocation List (CRL).
X.509 v2 CRLs are defined in RFC5280.
Example
To parse a CRL and print information about revoked certificates:
use x509_parser::revocation_list::CertificateRevocationList;
use x509_parser::traits::FromDer;
let res = CertificateRevocationList::from_der(DER);
match res {
Ok((_rem, crl)) => {
for revoked in crl.iter_revoked_certificates() {
println!("Revoked certificate serial: {}", revoked.raw_serial_as_string());
println!(" Reason: {}", revoked.reason_code().unwrap_or_default().1);
}
},
_ => panic!("CRL parsing failed: {:?}", res),
}
Fields§
§tbs_cert_list: TbsCertList<'a>
§signature_algorithm: AlgorithmIdentifier<'a>
§signature_value: BitStringObject<'a>
Implementations§
§impl<'a> CertificateRevocationList<'a>
impl<'a> CertificateRevocationList<'a>
pub fn version(&self) -> Option<X509Version>
pub fn version(&self) -> Option<X509Version>
Get the version of the encoded certificate
pub fn last_update(&self) -> ASN1Time
pub fn last_update(&self) -> ASN1Time
Get the date and time of the last (this) update.
pub fn next_update(&self) -> Option<ASN1Time>
pub fn next_update(&self) -> Option<ASN1Time>
Get the date and time of the next update, if present.
pub fn iter_revoked_certificates(
&self
) -> impl Iterator<Item = &RevokedCertificate<'a>>
pub fn iter_revoked_certificates( &self ) -> impl Iterator<Item = &RevokedCertificate<'a>>
Return an iterator over the RevokedCertificate
objects
pub fn extensions(&self) -> &[X509Extension<'_>]
pub fn extensions(&self) -> &[X509Extension<'_>]
Get the CRL extensions.
pub fn crl_number(&self) -> Option<&BigUint>
pub fn crl_number(&self) -> Option<&BigUint>
Get the CRL number, if present
Note that the returned value is a BigUint
, because of the following RFC specification:
Given the requirements above, CRL numbers can be expected to contain long integers. CRL verifiers MUST be able to handle CRLNumber values up to 20 octets. Conformant CRL issuers MUST NOT use CRLNumber values longer than 20 octets.
Trait Implementations§
§impl<'a> Clone for CertificateRevocationList<'a>
impl<'a> Clone for CertificateRevocationList<'a>
§fn clone(&self) -> CertificateRevocationList<'a>
fn clone(&self) -> CertificateRevocationList<'a>
Returns a copy of the value. Read more
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source
. Read more§impl<'a> Debug for CertificateRevocationList<'a>
impl<'a> Debug for CertificateRevocationList<'a>
§impl<'a> FromDer<'a> for CertificateRevocationList<'a>
impl<'a> FromDer<'a> for CertificateRevocationList<'a>
CertificateList ::= SEQUENCE { tbsCertList TBSCertList, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING }
Auto Trait Implementations§
impl<'a> RefUnwindSafe for CertificateRevocationList<'a>
impl<'a> Send for CertificateRevocationList<'a>
impl<'a> Sync for CertificateRevocationList<'a>
impl<'a> Unpin for CertificateRevocationList<'a>
impl<'a> UnwindSafe for CertificateRevocationList<'a>
Blanket Implementations§
§impl<'a, T> AsTaggedExplicit<'a> for Twhere
T: 'a,
impl<'a, T> AsTaggedExplicit<'a> for Twhere T: 'a,
§impl<'a, T> AsTaggedImplicit<'a> for Twhere
T: 'a,
impl<'a, T> AsTaggedImplicit<'a> for Twhere T: 'a,
source§impl<T> Instrument for T
impl<T> Instrument for T
source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
§impl<T> IntoCollection<T> for T
impl<T> IntoCollection<T> for T
§fn into_collection<A>(self) -> SmallVec<A>where
A: Array<Item = T>,
fn into_collection<A>(self) -> SmallVec<A>where A: Array<Item = T>,
Converts
self
into a collection.