Expand description
§Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
rasn-pkix is an implementation of the data types defined in IETF
RFC 5280 also known PKIX.
This does not provide an implementation of a PKIX certificate generator or
validator, rasn-pkix provides a implementation of the underlying data types
used decode and encode certificates from DER.
Modules§
- attribute_
certificate - est
- Enrollment over Secure Transport
Structs§
- Access
Description - Algorithm
Identifier - Identifies what algorithm was used, along with any parameters used as input.
- Attribute
- Attribute
Type AndValue - Authority
KeyIdentifier - Identifying the public key corresponding to the private key used to sign a certificate.
- Basic
Constraints - Built
InDomain Defined Attribute - Built
InDomain Defined Attributes - Built
InStandard Attributes - Cert
Path Controls - CertPathControls provides the controls needed to initialize an X.509
- Certificate
- An X.509 certificate
- Certificate
List - A signed list of revoked certificates.
- Common
Name - Distribution
Point - E1634
Address - EdiParty
Name - Extension
- Extension to an X.509 certificate.
- Extension
Attribute - Extension
Attributes - Extensions
- General
Subtree - Issuing
Distribution Point - Name
Constraints - Notice
Reference - OrAddress
- Organisational
Unit Name - Organisational
Unit Names - PdsName
- PdsParameter
- Personal
Name - Policy
Constraints - Policy
Information - Policy
Mapping - Policy
Qualifier Info - Presentation
Address - Printable
Address - Relative
Distinguished Name - Revoked
Cerificate - Identifies a revoked certificate.
- Subject
Public KeyInfo - The subject’s public key, and the algorithm used to encode it.
- TbsCert
List - The list of revoked certificates along with associated metadata.
- TbsCertificate
- Information associated with the subject of the certificate and the CA that issued it.
- Teletex
Address - Teletex
Common Name - Teletex
Domain Defined Attribute - Teletex
Domain Defined Attributes - Teletex
Organisational Unit Name - Teletex
Organisational Unit Names - Teletex
Organization Name - Teletex
Personal Name - Trust
Anchor Info - Trust anchors are widely used to verify digital signatures and validate certification paths [RFC5280][X.509]. They are required when validating certification paths. Though widely used, there is no standard format for representing trust anchor information. The RFC-5914 document describes the TrustAnchorInfo structure.
- Unformatted
Postal Address - User
Notice - Validity
- The validity period of the certificate.
- Version
- The version of a encoded certificate.
- X520
Country Name - X520
Serial Number
Enums§
- Administration
Domain Name - Country
Name - CrlReason
- Directory
String - Display
Text - Distribution
Point Name - Extended
Network Address - General
Name - Name
- Physical
Delivery Country Name - Postal
Code - Private
Domain Name - Time
- A general time type.
- Trust
Anchor Choice - TrustAnchorChoice provides three options for representing a trust anchor.
- X520
Common Name - X520
Locality Name - X520
Name - X520
Organisation Name - X520
Organisational Unit Name - X520
Pseudonym - X520
State OrProvince Name - X520
Title
Type Aliases§
- Attribute
Type - Attribute
Value - Authority
Info Access Syntax - Base
CrlNumber - Base
Distance - Cert
Policy Flags - Cert
Policy Id - Certificate
Issuer - Certificate
Policies - Certificate
Serial Number - CpsUri
- CrlDistribution
Points - CrlNumber
- Domain
Component - Email
Address - ExtKey
Usage Syntax - Freshest
Crl - General
Names - General
Subtrees - Inhibit
AnyPolicy - Invalidity
Date - KeyIdentifier
- KeyPurpose
Id - KeyUsage
- Network
Address - Numeric
User Identifier - Organisation
Name - Policy
Mappings - Policy
Qualifier Id - RdnSequence
- Reason
Flags - Skip
Certs - Subject
AltName - Subject
Directory Attributes - Subject
Info Access Syntax - Subject
KeyIdentifier - Terminal
Identifier - Terminal
Type - Trust
Anchor Info Version - Trust
Anchor List - Trust
Anchor Title - Unique
Identifier - X121
Address - X520
DnQualifier