pub struct Validator { /* private fields */ }
Attestation validator.
§Examples
let mut validator = attestation_validator::Validator::default();
validator.add_from_pem(std::fs::File::open("hsm-attestation-pem")?)?;
let extensions = validator.leaf_extensions()?;
let extension = extensions.get("1.3.6.1.4.1.41482.4.1")?;
Implementations§
impl Validator
pub fn add_from_pem(&mut self, reader: impl Read + Seek) -> Result<()>
Adds one or more PEM-encoded certificates from the reader to the certificate chain.
Adding a certificate triggers validation of the certificate chain.
§Examples
let mut validator = attestation_validator::Validator::default();
validator.add_from_pem(std::fs::File::open("hsm-attestation-pem")?)?;
§Errors
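Returns an error if PEM parsing fails or if certificate chain validation fails. Callers should treat either error as a failed attestation and should not read extensions or keys from this validator afterwards.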
pub fn add_from_der(&mut self, der: Vec<u8>) -> Result<()>
Adds one raw, binary DER-encoded certificate to the certificate chain.
Adding a certificate triggers validation of the certificate chain.
§Examples
let mut validator = attestation_validator::Validator::default();
validator.add_from_der(std::fs::read("hsm-attestation-cert.cer")?)?;
§Errors
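Returns an error if DER parsing fails or if certificate chain validation fails. Callers should treat either error as a failed attestation and should not read extensions or keys from this validator afterwards.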
pub fn leaf_extensions(&self) -> Result<Extensions>
Returns the extensions present in the last certificate in the chain (the leaf).
§Examples
let mut validator = attestation_validator::Validator::default();
validator.add_from_pem(std::fs::File::open("hsm-attestation-pem")?)?;
let extensions = validator.leaf_extensions()?;
let extension = extensions.get("1.3.6.1.4.1.41482.4.1")?;
§Errors
Returns an error if DER parsing of the last certificate fails, if there are no certificates in the chain, or if there are no extensions.
pub fn leaf_public_key(&self) -> Result<Vec<u8>>
Returns the raw, unparsed PKIX public key (the SubjectPublicKeyInfo structure) of the last certificate in the chain (the leaf), in ASN.1 DER form (see RFC 5280, Section 4.1).
§Examples
let mut validator = attestation_validator::Validator::default();
validator.add_from_pem(std::fs::File::open("hsm-attestation-pem")?)?;
let public_key_der = validator.leaf_public_key()?;
assert_eq!(public_key_der[0..3], [48, 42, 48]);
§Errors
Returns an error if DER parsing of the last certificate fails or if there are no certificates in the chain.