pub struct X509Extension(/* private fields */);
Expand description
Permit additional fields to be added to an X509
v3 certificate.
Implementations§
source§impl X509Extension
impl X509Extension
sourcepub fn new(
conf: Option<&ConfRef>,
context: Option<&X509v3Context<'_>>,
name: &str,
value: &str,
) -> Result<X509Extension, ErrorStack>
👎Deprecated since 0.10.51: Use x509::extension types or new_from_der instead
pub fn new( conf: Option<&ConfRef>, context: Option<&X509v3Context<'_>>, name: &str, value: &str, ) -> Result<X509Extension, ErrorStack>
Constructs an X509 extension value. See man x509v3_config
for information on supported
names and their value formats.
Some extension types, such as subjectAlternativeName
, require an X509v3Context
to be
provided.
DO NOT CALL THIS WITH UNTRUSTED value
: value
is an OpenSSL
mini-language that can read arbitrary files.
See the extension module for builder types which will construct certain common extensions.
This function is deprecated, X509Extension::new_from_der
or the
types in x509::extension
should be used in its place.
sourcepub fn new_nid(
conf: Option<&ConfRef>,
context: Option<&X509v3Context<'_>>,
name: Nid,
value: &str,
) -> Result<X509Extension, ErrorStack>
👎Deprecated since 0.10.51: Use x509::extension types or new_from_der instead
pub fn new_nid( conf: Option<&ConfRef>, context: Option<&X509v3Context<'_>>, name: Nid, value: &str, ) -> Result<X509Extension, ErrorStack>
Constructs an X509 extension value. See man x509v3_config
for information on supported
extensions and their value formats.
Some extension types, such as nid::SUBJECT_ALTERNATIVE_NAME
, require an X509v3Context
to
be provided.
DO NOT CALL THIS WITH UNTRUSTED value
: value
is an OpenSSL
mini-language that can read arbitrary files.
See the extension module for builder types which will construct certain common extensions.
This function is deprecated, X509Extension::new_from_der
or the
types in x509::extension
should be used in its place.
sourcepub fn new_from_der(
oid: &Asn1ObjectRef,
critical: bool,
der_contents: &Asn1OctetStringRef,
) -> Result<X509Extension, ErrorStack>
pub fn new_from_der( oid: &Asn1ObjectRef, critical: bool, der_contents: &Asn1OctetStringRef, ) -> Result<X509Extension, ErrorStack>
Constructs a new X509 extension value from its OID, whether it’s critical, and its DER contents.
The extent structure of the DER value will vary based on the extension type, and can generally be found in the RFC defining the extension.
For common extension types, there are Rust APIs provided in
openssl::x509::extensions
which are more ergonomic.
sourcepub unsafe fn add_alias(to: Nid, from: Nid) -> Result<(), ErrorStack>
👎Deprecated since 0.10.51: Use x509::extension types or new_from_der and then this is not necessary
pub unsafe fn add_alias(to: Nid, from: Nid) -> Result<(), ErrorStack>
Adds an alias for an extension
§Safety
This method modifies global state without locking and therefore is not thread safe
This corresponds to X509V3_EXT_add_alias
.
Methods from Deref<Target = X509ExtensionRef>§
sourcepub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>
pub fn to_der(&self) -> Result<Vec<u8>, ErrorStack>
Serializes the Extension to its standard DER encoding.
This corresponds to i2d_X509_EXTENSION
.