Struct Validity

pub struct Validity {
    pub not_before: ASN1Time,
    pub not_after: ASN1Time,
}

Fields

not_before: ASN1Time

not_after: ASN1Time

Implementations

impl Validity

pub fn time_to_expiration(&self) -> Option<Duration>

The time left before the certificate expires.

If the certificate is not currently valid, then None is returned. Otherwise, the Duration until the certificate expires is returned.

pub fn is_valid_at(&self, time: ASN1Time) -> bool

Check the certificate time validity for the provided date/time

pub fn is_valid(&self) -> bool

Check the certificate time validity

Examples found in repository

examples/print-cert.rs (line 168)

fn print_x509_info(x509: &X509Certificate) -> io::Result<()> {
    let version = x509.version();
    if version.0 < 3 {
        println!("  Version: {}", version);
    } else {
        println!("  Version: INVALID({})", version.0);
    }
    println!("  Serial: {}", x509.tbs_certificate.raw_serial_as_string());
    println!("  Subject: {}", x509.subject());
    println!("  Issuer: {}", x509.issuer());
    println!("  Validity:");
    println!("    NotBefore: {}", x509.validity().not_before);
    println!("    NotAfter:  {}", x509.validity().not_after);
    println!("    is_valid:  {}", x509.validity().is_valid());
    println!("  Subject Public Key Info:");
    print_x509_ski(x509.public_key());
    print_x509_signature_algorithm(&x509.signature_algorithm, 4);

    println!("  Signature Value:");
    for l in format_number_to_hex_with_colon(&x509.signature_value.data, 16) {
        println!("      {}", l);
    }
    println!("  Extensions:");
    for ext in x509.extensions() {
        print_x509_extension(&ext.oid, ext);
    }
    println!();
    print!("Structure validation status: ");
    #[cfg(feature = "validate")]
    {
        let mut logger = VecLogger::default();
        // structure validation status
        let ok = X509StructureValidator
            .chain(X509CertificateValidator)
            .validate(x509, &mut logger);
        if ok {
            println!("Ok");
        } else {
            println!("FAIL");
        }
        for warning in logger.warnings() {
            println!("  [W] {}", warning);
        }
        for error in logger.errors() {
            println!("  [E] {}", error);
        }
        println!();
        if VALIDATE_ERRORS_FATAL && !logger.errors().is_empty() {
            return Err(io::Error::new(io::ErrorKind::Other, "validation failed"));
        }
    }
    #[cfg(not(feature = "validate"))]
    {
        println!("Unknown (feature 'validate' not enabled)");
    }
    #[cfg(feature = "verify")]
    {
        print!("Signature verification: ");
        if x509.subject() == x509.issuer() {
            if x509.verify_signature(None).is_ok() {
                println!("OK");
                println!("  [I] certificate is self-signed");
            } else if x509.subject() == x509.issuer() {
                println!("FAIL");
                println!("  [W] certificate looks self-signed, but signature verification failed");
            }
        } else {
            // if subject is different from issuer, we cannot verify certificate without the public key of the issuer
            println!("N/A");
        }
    }
    Ok(())
}

Trait Implementations

impl Clone for Validity

fn clone(&self) -> Validity

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Validity

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl FromDer<'_, X509Error> for Validity

fn from_der(i: &[u8]) -> X509Result<'_, Self>

Attempt to parse input bytes into a DER object (enforcing constraints)

impl PartialEq for Validity

fn eq(&self, other: &Validity) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for Validity

impl StructuralPartialEq for Validity