Struct trust_dns_proto::rr::rdata::tlsa::TLSA

source · 
pub struct TLSA { /* private fields */ }
Expand description

RFC 6698, DNS-Based Authentication for TLS

2.1.  TLSA RDATA Wire Format

   The RDATA for a TLSA RR consists of a one-octet certificate usage
   field, a one-octet selector field, a one-octet matching type field,
   and the certificate association data field.

                        1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Cert. Usage  |   Selector    | Matching Type |               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+               /
   /                                                               /
   /                 Certificate Association Data                  /
   /                                                               /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Implementations§

source§

impl TLSA

source

pub fn new( cert_usage: CertUsage, selector: Selector, matching: Matching, cert_data: Vec<u8> ) -> Self

Constructs a new TLSA

RFC 6698, DNS-Based Authentication for TLS

2.  The TLSA Resource Record

   The TLSA DNS resource record (RR) is used to associate a TLS server
   certificate or public key with the domain name where the record is
   found, thus forming a "TLSA certificate association".  The semantics
   of how the TLSA RR is interpreted are given later in this document.

   The type value for the TLSA RR type is defined in Section 7.1.

   The TLSA RR is class independent.

   The TLSA RR has no special Time to Live (TTL) requirements.
source

pub fn cert_usage(&self) -> CertUsage

Specifies the provided association that will be used to match the certificate presented in the TLS handshake

source

pub fn selector(&self) -> Selector

Specifies which part of the TLS certificate presented by the server will be matched against the association data

source

pub fn matching(&self) -> Matching

Specifies how the certificate association is presented

source

pub fn cert_data(&self) -> &[u8]

Binary data for validating the cert, see other members to understand format

Trait Implementations§

source§

impl Clone for TLSA

source§

fn clone(&self) -> TLSA

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for TLSA

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Display for TLSA

RFC 6698, DNS-Based Authentication for TLS

2.2.  TLSA RR Presentation Format

  The presentation format of the RDATA portion (as defined in
  [RFC1035]) is as follows:

  o  The certificate usage field MUST be represented as an 8-bit
     unsigned integer.

  o  The selector field MUST be represented as an 8-bit unsigned
     integer.

  o  The matching type field MUST be represented as an 8-bit unsigned
     integer.

  o  The certificate association data field MUST be represented as a
     string of hexadecimal characters.  Whitespace is allowed within
     the string of hexadecimal characters, as described in [RFC1035].

2.3.  TLSA RR Examples

   In the following examples, the domain name is formed using the rules
   in Section 3.

   An example of a hashed (SHA-256) association of a PKIX CA
   certificate:

   _443._tcp.www.example.com. IN TLSA (
      0 0 1 d2abde240d7cd3ee6b4b28c54df034b9
            7983a1d16e8a410e4561cb106618e971 )

   An example of a hashed (SHA-512) subject public key association of a
   PKIX end entity certificate:

   _443._tcp.www.example.com. IN TLSA (
      1 1 2 92003ba34942dc74152e2f2c408d29ec
            a5a520e7f2e06bb944f4dca346baf63c
            1b177615d466f6c4b71c216a50292bd5
            8c9ebdd2f74e38fe51ffd48c43326cbc )

   An example of a full certificate association of a PKIX end entity
   certificate:

   _443._tcp.www.example.com. IN TLSA (
      3 0 0 30820307308201efa003020102020... )
source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
source§

impl Hash for TLSA

source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
source§

impl PartialEq for TLSA

source§

fn eq(&self, other: &TLSA) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Eq for TLSA

source§

impl StructuralPartialEq for TLSA

Auto Trait Implementations§

§

impl Freeze for TLSA

§

impl RefUnwindSafe for TLSA

§

impl Send for TLSA

§

impl Sync for TLSA

§

impl Unpin for TLSA

§

impl UnwindSafe for TLSA

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T> ToString for T
where T: Display + ?Sized,

source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more