Credentials

rustls::crypto

Struct Credentials 

Source 
#[non_exhaustive]
pub struct Credentials {
    pub identity: Arc<Identity<'static>>,
    pub key: Box<dyn SigningKey>,
    pub ocsp: Option<Arc<[u8]>>,
}
Expand description

A packaged-together certificate chain, matching SigningKey and optional stapled OCSP response.

Note: this struct is also used to represent an RFC 7250 raw public key, when the client/server is configured to use raw public keys instead of certificates.

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§identity: Arc<Identity<'static>>

The certificate chain or raw public key.

§key: Box<dyn SigningKey>

The signing key matching the identity.

§ocsp: Option<Arc<[u8]>>

An optional OCSP response from the certificate issuer, attesting to its continued validity.

Implementations§

Source§

impl Credentials

Source

pub fn from_der( identity: Arc<Identity<'static>>, key: PrivateKeyDer<'static>, provider: &CryptoProvider, ) -> Result<Self, Error>

Create a new Credentials from a certificate chain and DER-encoded private key.

Attempt to parse the private key with the given CryptoProvider’s KeyProvider and verify that it matches the public key in the first certificate of the identity if possible (if it is an X509 identity).

Source

pub fn new( identity: Arc<Identity<'static>>, key: Box<dyn SigningKey>, ) -> Result<Self, Error>

Make a new Credentials, with the given identity and key.

Yields Error::InconsistentKeys if the identity is X509 and the end-entity certificate’s subject public key info does not match that of the key’s public key, or if the key does not have a public key.

This constructor should be used with all SigningKey implementations that can provide a public key, including those provided by rustls itself.

Source

pub fn new_unchecked( identity: Arc<Identity<'static>>, key: Box<dyn SigningKey>, ) -> Self

Make a new Credentials from a raw private key.

Unlike Credentials::new(), this does not check that the end-entity certificate’s subject key matches key’s public key.

This avoids parsing the end-entity certificate, which is useful when using client certificates that are not fully standards compliant, but known to usable by the peer.

Source

pub fn signer( &self, sig_schemes: &[SignatureScheme], ) -> Option<SelectedCredential>

Attempt to produce a SelectedCredential using one of the given signature schemes.

Calls SigningKey::choose_scheme() and propagates cert_chain and ocsp.

Trait Implementations§

Source§

impl Debug for Credentials

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl From<Credentials> for SingleCredential

Source§

fn from(credentials: Credentials) -> Self

Converts to this type from the input type.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.