pub struct CertificateRevocationList { /* private fields */ }Expand description
A certificate revocation list (CRL)
§Example
extern crate rcgen;
use rcgen::*;
#[cfg(not(feature = "crypto"))]
struct MyKeyPair { public_key: Vec<u8> }
#[cfg(not(feature = "crypto"))]
impl RemoteKeyPair for MyKeyPair {
fn public_key(&self) -> &[u8] { &self.public_key }
fn sign(&self, _: &[u8]) -> Result<Vec<u8>, rcgen::Error> { Ok(vec![]) }
fn algorithm(&self) -> &'static SignatureAlgorithm { &PKCS_ED25519 }
}
// Generate a CRL issuer.
let mut issuer_params = CertificateParams::new(vec!["crl.issuer.example.com".to_string()]).unwrap();
issuer_params.serial_number = Some(SerialNumber::from(9999));
issuer_params.is_ca = IsCa::Ca(BasicConstraints::Unconstrained);
issuer_params.key_usages = vec![KeyUsagePurpose::KeyCertSign, KeyUsagePurpose::DigitalSignature, KeyUsagePurpose::CrlSign];
#[cfg(feature = "crypto")]
let key_pair = KeyPair::generate().unwrap();
#[cfg(not(feature = "crypto"))]
let remote_key_pair = MyKeyPair { public_key: vec![] };
#[cfg(not(feature = "crypto"))]
let key_pair = KeyPair::from_remote(Box::new(remote_key_pair)).unwrap();
let issuer = issuer_params.self_signed(&key_pair).unwrap();
// Describe a revoked certificate.
let revoked_cert = RevokedCertParams{
serial_number: SerialNumber::from(9999),
revocation_time: date_time_ymd(2024, 06, 17),
reason_code: Some(RevocationReason::KeyCompromise),
invalidity_date: None,
};
// Create a CRL signed by the issuer, revoking revoked_cert.
let crl = CertificateRevocationListParams{
this_update: date_time_ymd(2023, 06, 17),
next_update: date_time_ymd(2024, 06, 17),
crl_number: SerialNumber::from(1234),
issuing_distribution_point: None,
revoked_certs: vec![revoked_cert],
#[cfg(feature = "crypto")]
key_identifier_method: KeyIdMethod::Sha256,
#[cfg(not(feature = "crypto"))]
key_identifier_method: KeyIdMethod::PreSpecified(vec![]),
}.signed_by(&issuer, &key_pair).unwrap();Implementations§
Source§impl CertificateRevocationList
impl CertificateRevocationList
Sourcepub fn params(&self) -> &CertificateRevocationListParams
pub fn params(&self) -> &CertificateRevocationListParams
Returns the certificate revocation list (CRL) parameters.
Sourcepub fn pem(&self) -> Result<String, Error>
Available on crate feature pem only.
pub fn pem(&self) -> Result<String, Error>
pem only.Get the CRL in PEM encoded format.
Sourcepub fn der(&self) -> &CertificateRevocationListDer<'static>
pub fn der(&self) -> &CertificateRevocationListDer<'static>
Get the CRL in DER encoded format.
CertificateRevocationListDer implements Deref<Target = [u8]> and AsRef<[u8]>,
so you can easily extract the DER bytes from the return value.
Trait Implementations§
Source§impl From<CertificateRevocationList> for CertificateRevocationListDer<'static>
impl From<CertificateRevocationList> for CertificateRevocationListDer<'static>
Source§fn from(crl: CertificateRevocationList) -> Self
fn from(crl: CertificateRevocationList) -> Self
Converts to this type from the input type.
Auto Trait Implementations§
impl Freeze for CertificateRevocationList
impl RefUnwindSafe for CertificateRevocationList
impl Send for CertificateRevocationList
impl Sync for CertificateRevocationList
impl Unpin for CertificateRevocationList
impl UnwindSafe for CertificateRevocationList
Blanket Implementations§
Source§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
Source§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more