Struct x509_parser::revocation_list::CertificateRevocationList

pub struct CertificateRevocationList<'a> {
    pub tbs_cert_list: TbsCertList<'a>,
    pub signature_algorithm: AlgorithmIdentifier<'a>,
    pub signature_value: BitString<'a>,
}

An X.509 v2 Certificate Revocation List (CRL).

X.509 v2 CRLs are defined in RFC5280.

Example

To parse a CRL and print information about revoked certificates:

use x509_parser::prelude::FromDer;
use x509_parser::revocation_list::CertificateRevocationList;

let res = CertificateRevocationList::from_der(DER);
match res {
    Ok((_rem, crl)) => {
        for revoked in crl.iter_revoked_certificates() {
            println!("Revoked certificate serial: {}", revoked.raw_serial_as_string());
            println!("  Reason: {}", revoked.reason_code().unwrap_or_default().1);
        }
    },
    _ => panic!("CRL parsing failed: {:?}", res),
}

Fields

tbs_cert_list: TbsCertList<'a>

signature_algorithm: AlgorithmIdentifier<'a>

signature_value: BitString<'a>

Implementations

impl<'a> CertificateRevocationList<'a>

pub fn version(&self) -> Option<X509Version>

Get the version of the encoded certificate

pub fn issuer(&self) -> &X509Name<'_>

Get the certificate issuer.

pub fn last_update(&self) -> ASN1Time

Get the date and time of the last (this) update.

pub fn next_update(&self) -> Option<ASN1Time>

Get the date and time of the next update, if present.

pub fn iter_revoked_certificates(
    &self
) -> impl Iterator<Item = &RevokedCertificate<'a>>

Return an iterator over the RevokedCertificate objects

pub fn extensions(&self) -> &[X509Extension<'_>]

Get the CRL extensions.

pub fn crl_number(&self) -> Option<&BigUint>

Get the CRL number, if present

Note that the returned value is a BigUint, because of the following RFC specification:

Given the requirements above, CRL numbers can be expected to contain long integers.  CRL
verifiers MUST be able to handle CRLNumber values up to 20 octets.  Conformant CRL issuers
MUST NOT use CRLNumber values longer than 20 octets.

Trait Implementations

impl<'a> Clone for CertificateRevocationList<'a>

fn clone(&self) -> CertificateRevocationList<'a>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<'a> Debug for CertificateRevocationList<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'a> FromDer<'a, X509Error> for CertificateRevocationList<'a>

CertificateList  ::=  SEQUENCE  {
     tbsCertList          TBSCertList,
     signatureAlgorithm   AlgorithmIdentifier,
     signatureValue       BIT STRING  }

fn from_der(i: &'a [u8]) -> X509Result<'_, Self>

Attempt to parse input bytes into a DER object (enforcing constraints)