CertificateRevocationList

x509_parser::revocation_list

Struct CertificateRevocationList 

Source 
pub struct CertificateRevocationList<'a> {
    pub tbs_cert_list: TbsCertList<'a>,
    pub signature_algorithm: AlgorithmIdentifier<'a>,
    pub signature_value: BitString<'a>,
    /* private fields */
}
Expand description

An X.509 v2 Certificate Revocation List (CRL).

X.509 v2 CRLs are defined in RFC5280.

§Example

To parse a CRL and print information about revoked certificates:

use x509_parser::prelude::FromDer;
use x509_parser::revocation_list::CertificateRevocationList;

let res = CertificateRevocationList::from_der(DER);
match res {
    Ok((_rem, crl)) => {
        for revoked in crl.iter_revoked_certificates() {
            println!("Revoked certificate serial: {}", revoked.raw_serial_as_string());
            println!("  Reason: {}", revoked.reason_code().unwrap_or_default().1);
        }
    },
    _ => panic!("CRL parsing failed: {:?}", res),
}

Fields§

§tbs_cert_list: TbsCertList<'a>§signature_algorithm: AlgorithmIdentifier<'a>§signature_value: BitString<'a>

Implementations§

Source§

impl<'a> CertificateRevocationList<'a>

Source

pub fn version(&self) -> Option<X509Version>

Get the version of the encoded certificate

Source

pub fn issuer(&self) -> &X509Name<'_>

Get the certificate issuer.

Source

pub fn last_update(&self) -> ASN1Time

Get the date and time of the last (this) update.

Source

pub fn next_update(&self) -> Option<ASN1Time>

Get the date and time of the next update, if present.

Source

pub fn iter_revoked_certificates( &self, ) -> impl Iterator<Item = &RevokedCertificate<'a>>

Return an iterator over the RevokedCertificate objects

Source

pub fn extensions(&self) -> &[X509Extension<'_>]

Get the CRL extensions.

Source

pub fn crl_number(&self) -> Option<&BigUint>

Get the CRL number, if present

Note that the returned value is a BigUint, because of the following RFC specification:

Given the requirements above, CRL numbers can be expected to contain long integers.  CRL
verifiers MUST be able to handle CRLNumber values up to 20 octets.  Conformant CRL issuers
MUST NOT use CRLNumber values longer than 20 octets.
Source

pub fn as_raw(&self) -> &'a [u8]

Return the raw ASN.1 DER content of the complete signed certificate revocation list that was parsed.

This includes the to-be-signed (TBS) certificate list, the signature algorithm, and the signature. If you want just the ASN.1 DER of the TBS certificate list, prefer TbsCertList::as_ref().

We avoid the AsRef trait in this instance to ensure the full lifetime of the CertificateRevocationList is used.

Source§

impl CertificateRevocationList<'_>

Source

pub fn walk<V: CertificateRevocationListVisitor>(&self, visitor: &mut V)

Run the provided CertificateRevocationListVisitor over the Certificate Revocation List (self)

Trait Implementations§

Source§

impl<'a> AsRef<[u8]> for CertificateRevocationList<'a>

Source§

fn as_ref(&self) -> &[u8]

Converts this type into a shared reference of the (usually inferred) input type.
Source§

impl<'a> Clone for CertificateRevocationList<'a>

Source§

fn clone(&self) -> CertificateRevocationList<'a>

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<'a> Debug for CertificateRevocationList<'a>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'a> FromDer<'a, X509Error> for CertificateRevocationList<'a>

CertificateList  ::=  SEQUENCE  {
     tbsCertList          TBSCertList,
     signatureAlgorithm   AlgorithmIdentifier,
     signatureValue       BIT STRING  }
Source§

fn from_der(i: &'a [u8]) -> X509Result<'a, Self>

Attempt to parse input bytes into a DER object (enforcing constraints)

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.