pub struct X509Crl(/* private fields */);
Expand description
An X509
certificate revocation list.
Implementations§
source§impl X509Crl
impl X509Crl
sourcepub fn from_pem(pem: &[u8]) -> Result<X509Crl, ErrorStack>
pub fn from_pem(pem: &[u8]) -> Result<X509Crl, ErrorStack>
Deserializes a PEM-encoded Certificate Revocation List
The input should have a header of -----BEGIN X509 CRL-----
.
This corresponds to PEM_read_bio_X509_CRL
.
sourcepub fn from_der(der: &[u8]) -> Result<X509Crl, ErrorStack>
pub fn from_der(der: &[u8]) -> Result<X509Crl, ErrorStack>
Deserializes a DER-encoded Certificate Revocation List
This corresponds to d2i_X509_CRL
.
Methods from Deref<Target = X509CrlRef>§
sourcepub fn to_pem(&self) -> Result<Vec<u8>, ErrorStack>
pub fn to_pem(&self) -> Result<Vec<u8>, ErrorStack>
Serializes the certificate request to a PEM-encoded Certificate Revocation List.
The output will have a header of -----BEGIN X509 CRL-----
.
This corresponds to PEM_write_bio_X509_CRL
.
sourcepub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>
pub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>
Serializes the certificate request to a DER-encoded Certificate Revocation List.
This corresponds to i2d_X509_CRL
.
sourcepub fn get_revoked(&self) -> Option<&StackRef<X509Revoked>>
pub fn get_revoked(&self) -> Option<&StackRef<X509Revoked>>
Get the stack of revocation entries
sourcepub fn last_update(&self) -> &Asn1TimeRef
pub fn last_update(&self) -> &Asn1TimeRef
Returns the CRL’s lastUpdate
time.
This corresponds to X509_CRL_get0_lastUpdate
.
sourcepub fn next_update(&self) -> Option<&Asn1TimeRef>
pub fn next_update(&self) -> Option<&Asn1TimeRef>
Returns the CRL’s nextUpdate
time.
If the nextUpdate
field is missing, returns None
.
This corresponds to X509_CRL_get0_nextUpdate
.
sourcepub fn get_by_serial<'a>(&'a self, serial: &Asn1IntegerRef) -> CrlStatus<'a>
pub fn get_by_serial<'a>(&'a self, serial: &Asn1IntegerRef) -> CrlStatus<'a>
Get the revocation status of a certificate by its serial number
This corresponds to X509_CRL_get0_by_serial
.
sourcepub fn get_by_cert<'a>(&'a self, cert: &X509) -> CrlStatus<'a>
pub fn get_by_cert<'a>(&'a self, cert: &X509) -> CrlStatus<'a>
Get the revocation status of a certificate
This corresponds to X509_CRL_get0_by_cert
.
sourcepub fn issuer_name(&self) -> &X509NameRef
pub fn issuer_name(&self) -> &X509NameRef
Get the issuer name from the revocation list.
This corresponds to X509_CRL_get_issuer
.
sourcepub fn verify<T>(&self, key: &PKeyRef<T>) -> Result<bool, ErrorStack>where
T: HasPublic,
pub fn verify<T>(&self, key: &PKeyRef<T>) -> Result<bool, ErrorStack>where
T: HasPublic,
Check if the CRL is signed using the given public key.
Only the signature is checked: no other checks (such as certificate chain validity) are performed.
Returns true
if verification succeeds.
This corresponds to X509_CRL_verify
.
sourcepub fn extension<T: ExtensionType>(
&self,
) -> Result<Option<(bool, T::Output)>, ErrorStack>
pub fn extension<T: ExtensionType>( &self, ) -> Result<Option<(bool, T::Output)>, ErrorStack>
Get the criticality and value of an extension.
This returns None if the extension is not present or occurs multiple times.
This corresponds to X509_CRL_get_ext_d2i
.