Expand description
webpki: Web PKI X.509 Certificate Validation.
See EndEntityCert
’s documentation for a description of the certificate
processing steps necessary for a TLS connection.
§Features
Feature | Description |
---|---|
alloc | Enable features that require use of the heap. Currently all RSA signature algorithms require this feature. |
std | Enable features that require libstd. Implies alloc . |
Structs§
- DnsName
- Requires the
alloc
feature. A DNS Name suitable for use in the TLS Server Name Indication (SNI) extension and/or for use as the reference hostname for which to verify a certificate. - DnsName
Ref - A reference to a DNS Name suitable for use in the TLS Server Name Indication (SNI) extension and/or for use as the reference hostname for which to verify a certificate.
- EndEntity
Cert - An end-entity certificate.
- Invalid
DnsName Error - An error indicating that a
DnsNameRef
could not built because the input is not a syntactically-valid DNS Name. - Signature
Algorithm - A signature algorithm.
- Time
- The time type.
- TlsClient
Trust Anchors - Trust anchors which may be used for authenticating clients.
- TlsServer
Trust Anchors - Trust anchors which may be used for authenticating servers.
- Trust
Anchor - A trust anchor (a.k.a. root CA).
Enums§
- Error
- An error that occurs during certificate validation or name validation.
- Error
Ext - An error that occurs during certificate validation or name validation.
Statics§
- ECDSA_
P256_ SHA256 - ECDSA signatures using the P-256 curve and SHA-256.
- ECDSA_
P256_ SHA384 - ECDSA signatures using the P-256 curve and SHA-384. Deprecated.
- ECDSA_
P384_ SHA256 - ECDSA signatures using the P-384 curve and SHA-256. Deprecated.
- ECDSA_
P384_ SHA384 - ECDSA signatures using the P-384 curve and SHA-384.
- ED25519
- ED25519 signatures according to RFC 8410
- RSA_
PKCS1_ 2048_ 8192_ SHA256 - RSA PKCS#1 1.5 signatures using SHA-256 for keys of 2048-8192 bits.
- RSA_
PKCS1_ 2048_ 8192_ SHA384 - RSA PKCS#1 1.5 signatures using SHA-384 for keys of 2048-8192 bits.
- RSA_
PKCS1_ 2048_ 8192_ SHA512 - RSA PKCS#1 1.5 signatures using SHA-512 for keys of 2048-8192 bits.
- RSA_
PKCS1_ 3072_ 8192_ SHA384 - RSA PKCS#1 1.5 signatures using SHA-384 for keys of 3072-8192 bits.
- RSA_
PSS_ 2048_ 8192_ SHA256_ LEGACY_ KEY - RSA PSS signatures using SHA-256 for keys of 2048-8192 bits and of type rsaEncryption; see RFC 4055 Section 1.2.
- RSA_
PSS_ 2048_ 8192_ SHA384_ LEGACY_ KEY - RSA PSS signatures using SHA-384 for keys of 2048-8192 bits and of type rsaEncryption; see RFC 4055 Section 1.2.
- RSA_
PSS_ 2048_ 8192_ SHA512_ LEGACY_ KEY - RSA PSS signatures using SHA-512 for keys of 2048-8192 bits and of type rsaEncryption; see RFC 4055 Section 1.2.
Type Aliases§
- DNSName
Deprecated - DNSName
Ref Deprecated - TLSClient
Trust Anchors Deprecated - TLSServer
Trust Anchors Deprecated