Expand description
webpki: Web PKI X.509 Certificate Validation.
See EndEntityCert
’s documentation for a description of the certificate
processing steps necessary for a TLS connection.
Features
Feature | Description |
---|---|
alloc | Enable features that require use of the heap. Currently all RSA signature algorithms require this feature. |
std | Enable features that require libstd. Implies alloc . |
Structs
- Requires the
alloc
feature. A DNS Name suitable for use in the TLS Server Name Indication (SNI) extension and/or for use as the reference hostname for which to verify a certificate. - A reference to a DNS Name suitable for use in the TLS Server Name Indication (SNI) extension and/or for use as the reference hostname for which to verify a certificate.
- An end-entity certificate.
- An error indicating that a
DnsNameRef
could not built because the input is not a syntactically-valid DNS Name. - A signature algorithm.
- The time type.
- Trust anchors which may be used for authenticating clients.
- Trust anchors which may be used for authenticating servers.
- A trust anchor (a.k.a. root CA).
Enums
- An error that occurs during certificate validation or name validation.
Statics
- ECDSA signatures using the P-256 curve and SHA-256.
- ECDSA signatures using the P-256 curve and SHA-384. Deprecated.
- ECDSA signatures using the P-384 curve and SHA-256. Deprecated.
- ECDSA signatures using the P-384 curve and SHA-384.
- ED25519 signatures according to RFC 8410
- RSA PKCS#1 1.5 signatures using SHA-256 for keys of 2048-8192 bits.
- RSA PKCS#1 1.5 signatures using SHA-384 for keys of 2048-8192 bits.
- RSA PKCS#1 1.5 signatures using SHA-512 for keys of 2048-8192 bits.
- RSA PKCS#1 1.5 signatures using SHA-384 for keys of 3072-8192 bits.
- RSA PSS signatures using SHA-256 for keys of 2048-8192 bits and of type rsaEncryption; see RFC 4055 Section 1.2.
- RSA PSS signatures using SHA-384 for keys of 2048-8192 bits and of type rsaEncryption; see RFC 4055 Section 1.2.
- RSA PSS signatures using SHA-512 for keys of 2048-8192 bits and of type rsaEncryption; see RFC 4055 Section 1.2.
Type Definitions
- DNSNameDeprecated
- DNSNameRefDeprecated
- TLSClientTrustAnchorsDeprecated
- TLSServerTrustAnchorsDeprecated