1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
//! PKIX X.509 Certificate Extensions (RFC 5280)
pub mod certpolicy;
pub mod constraints;
pub mod crl;
pub mod name;
mod access;
mod authkeyid;
mod keyusage;
mod policymap;
use crate::attr::AttributeTypeAndValue;
pub use access::{AccessDescription, AuthorityInfoAccessSyntax, SubjectInfoAccessSyntax};
pub use authkeyid::AuthorityKeyIdentifier;
pub use certpolicy::CertificatePolicies;
use const_oid::{AssociatedOid, ObjectIdentifier};
pub use constraints::{BasicConstraints, NameConstraints, PolicyConstraints};
pub use crl::{
BaseCrlNumber, CrlDistributionPoints, CrlNumber, CrlReason, FreshestCrl,
IssuingDistributionPoint,
};
pub use keyusage::{ExtendedKeyUsage, KeyUsage, KeyUsages, PrivateKeyUsagePeriod};
pub use policymap::{PolicyMapping, PolicyMappings};
pub use const_oid::db::rfc5280::{
ID_CE_INHIBIT_ANY_POLICY, ID_CE_ISSUER_ALT_NAME, ID_CE_SUBJECT_ALT_NAME,
ID_CE_SUBJECT_DIRECTORY_ATTRIBUTES, ID_CE_SUBJECT_KEY_IDENTIFIER,
};
use alloc::vec::Vec;
use der::asn1::OctetStringRef;
/// SubjectKeyIdentifier as defined in [RFC 5280 Section 4.2.1.2].
///
/// ```text
/// SubjectKeyIdentifier ::= KeyIdentifier
/// ```
///
/// [RFC 5280 Section 4.2.1.2]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.2
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub struct SubjectKeyIdentifier<'a>(pub OctetStringRef<'a>);
impl<'a> AssociatedOid for SubjectKeyIdentifier<'a> {
const OID: ObjectIdentifier = ID_CE_SUBJECT_KEY_IDENTIFIER;
}
impl_newtype!(SubjectKeyIdentifier<'a>, OctetStringRef<'a>);
/// SubjectAltName as defined in [RFC 5280 Section 4.2.1.6].
///
/// ```text
/// SubjectAltName ::= GeneralNames
/// ```
///
/// [RFC 5280 Section 4.2.1.6]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6
#[derive(Clone, Debug, Default, PartialEq, Eq)]
pub struct SubjectAltName<'a>(pub name::GeneralNames<'a>);
impl<'a> AssociatedOid for SubjectAltName<'a> {
const OID: ObjectIdentifier = ID_CE_SUBJECT_ALT_NAME;
}
impl_newtype!(SubjectAltName<'a>, name::GeneralNames<'a>);
/// IssuerAltName as defined in [RFC 5280 Section 4.2.1.7].
///
/// ```text
/// IssuerAltName ::= GeneralNames
/// ```
///
/// [RFC 5280 Section 4.2.1.7]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.7
#[derive(Clone, Debug, Default, PartialEq, Eq)]
pub struct IssuerAltName<'a>(pub name::GeneralNames<'a>);
impl<'a> AssociatedOid for IssuerAltName<'a> {
const OID: ObjectIdentifier = ID_CE_ISSUER_ALT_NAME;
}
impl_newtype!(IssuerAltName<'a>, name::GeneralNames<'a>);
/// SubjectDirectoryAttributes as defined in [RFC 5280 Section 4.2.1.8].
///
/// ```text
/// SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF AttributeSet
/// ```
///
/// [RFC 5280 Section 4.2.1.8]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.8
#[derive(Clone, Debug, Default, PartialEq, Eq)]
pub struct SubjectDirectoryAttributes<'a>(pub Vec<AttributeTypeAndValue<'a>>);
impl<'a> AssociatedOid for SubjectDirectoryAttributes<'a> {
const OID: ObjectIdentifier = ID_CE_SUBJECT_DIRECTORY_ATTRIBUTES;
}
impl_newtype!(
SubjectDirectoryAttributes<'a>,
Vec<AttributeTypeAndValue<'a>>
);
/// InhibitAnyPolicy as defined in [RFC 5280 Section 4.2.1.14].
///
/// ```text
/// InhibitAnyPolicy ::= SkipCerts
/// ```
///
/// [RFC 5280 Section 4.2.1.14]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.14
#[derive(Copy, Clone, Debug, Default, PartialEq, Eq)]
pub struct InhibitAnyPolicy(pub u32);
impl AssociatedOid for InhibitAnyPolicy {
const OID: ObjectIdentifier = ID_CE_INHIBIT_ANY_POLICY;
}
impl_newtype!(InhibitAnyPolicy, u32);
|