Crate c509_certificate


CBOR Encoded X.509 Certificate (C509 Certificate) library

This crate provides functionality for generating C509 certificates.

§C509 certificate contains 2 parts

  1. TBSCertificate
  2. issuerSignatureValue

To generate an unsigned C509 certificate, the TBS Certificate must be provided. The unsigned C509 certificate is then used to calculate the issuerSignatureValue.

§TBS Certificate

The To Be Signed Certificate (TBS Certificate) contains the following fields:

  • c509CertificateType: The certificate type: 0 for a natively signed C509 certificate following X.509 v3, or 1 for a CBOR re-encoded X.509 v3 DER certificate.
  • certificateSerialNumber: A unique serial number for the certificate.
  • issuer: The entity that issued the certificate.
  • validityNotBefore: The start of the period during which the Certificate Authority (CA) guarantees it will retain information regarding the certificate’s status.
  • validityNotAfter: The end of the period during which the Certificate Authority (CA) guarantees it will retain information regarding the certificate’s status.
  • subject: The entity associated with the public key stored in the subject public key field.
  • subjectPublicKeyAlgorithm: The algorithm with which the public key is used.
  • subjectPublicKey: The public key of the subject.
  • extensions: A list of extensions defined for X.509 v3 certificates, providing additional attributes for users or public keys, and for managing relationships between Certificate Authorities (CAs).
  • issuerSignatureAlgorithm: The algorithm used to sign the certificate (must be the algorithm used to create issuerSignatureValue).

Please refer to the C509 Certificate for more information.

Modules§

  • C509 Algorithm Identifier
  • C509 Attributes containing Attribute
  • C509 Unwrapped CBOR Unsigned Bignum (~biguint)
  • C509 Certificate
  • C509 Extension as a part of TBSCertificate used in C509 Certificate.
  • C509 General Names
  • C509 Issuer Signature Algorithm as a part of TBSCertificate used in C509 Certificate.
  • C509 type Name
  • C509 OID provides an encoding and decoding of C509 Object Identifier (OID).
  • ED25519 public and private key implementation.
  • C509 Issuer Signature Algorithm as a part of TBSCertificate used in C509 Certificate.
  • tables 🔒
    A bimap table for bidirectional lookup.
  • To Be Signed Certificate (TBS Certificate) used to construct a C509 certificate.
  • C509 Time
  • WASM binding wrapper for the C509 certificate crate.

Functions§

  • Generate a signed or unsigned C509 certificate.
  • Verify the signature of a C509 certificate.