[−][src]Struct rustls::sign::CertifiedKey
A packaged-together certificate chain, matching SigningKey and
optional stapled OCSP response and/or SCT.
Fields
cert: Vec<Certificate>The certificate chain.
key: Arc<Box<dyn SigningKey>>The certified key.
ocsp: Option<Vec<u8>>An optional OCSP response from the certificate issuer, attesting to its continued validity.
sct_list: Option<Vec<u8>>An optional collection of SCTs from CT logs, proving the
certificate is included on those logs. This must be
a SignedCertificateTimestampList encoding; see RFC6962.
Methods
impl CertifiedKey[src]
pub fn new(
cert: Vec<Certificate>,
key: Arc<Box<dyn SigningKey>>
) -> CertifiedKey[src]
cert: Vec<Certificate>,
key: Arc<Box<dyn SigningKey>>
) -> CertifiedKey
Make a new CertifiedKey, with the given chain and key.
The cert chain must not be empty. The first certificate in the chain must be the end-entity certificate.
pub fn end_entity_cert(&self) -> Result<&Certificate, ()>[src]
The end-entity certificate.
pub fn take_cert(&mut self) -> Vec<Certificate>[src]
Steal ownership of the certificate chain.
pub fn has_ocsp(&self) -> bool[src]
Return true if there's an OCSP response.
pub fn take_ocsp(&mut self) -> Option<Vec<u8>>[src]
Steal ownership of the OCSP response.
pub fn has_sct_list(&self) -> bool[src]
Return true if there's an SCT list.
pub fn take_sct_list(&mut self) -> Option<Vec<u8>>[src]
Steal ownership of the SCT list.
pub fn cross_check_end_entity_cert(
&self,
name: Option<DNSNameRef>
) -> Result<(), TLSError>[src]
&self,
name: Option<DNSNameRef>
) -> Result<(), TLSError>
Check the certificate chain for validity:
- it should be non-empty list
- the first certificate should be parsable as a x509v3,
- the first certificate should quote the given server name (if provided)
These checks are not security-sensitive. They are the server attempting to detect accidental misconfiguration.
Trait Implementations
impl Clone for CertifiedKey[src]
fn clone(&self) -> CertifiedKey[src]
fn clone_from(&mut self, source: &Self)1.0.0[src]
Performs copy-assignment from source. Read more
Auto Trait Implementations
impl Unpin for CertifiedKey
impl Sync for CertifiedKey
impl Send for CertifiedKey
impl !UnwindSafe for CertifiedKey
impl !RefUnwindSafe for CertifiedKey
Blanket Implementations
impl<T> ToOwned for T where
T: Clone, [src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T[src]
fn clone_into(&self, target: &mut T)[src]
impl<T> From<T> for T[src]
impl<T, U> Into<U> for T where
U: From<T>, [src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>, [src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>, [src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>[src]
impl<T> Borrow<T> for T where
T: ?Sized, [src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized, [src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T[src]
impl<T> Any for T where
T: 'static + ?Sized, [src]
T: 'static + ?Sized,