api-docs/crates-app/src/rustls/anchors.rs.html - incubator-teaclave-website - Git at Google

 <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `/root/.cargo/registry/src/github.com-1ecc6299db9ec823/rustls-0.19.1/src/anchors.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>anchors.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" href="../../normalize.css"><link rel="stylesheet" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" href="../../ayu.css" disabled><link rel="stylesheet" href="../../dark.css" disabled><link rel="stylesheet" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="alternate icon" type="image/png" href="../../favicon-16x16.png"><link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><link rel="icon" type="image/svg+xml" href="../../favicon.svg"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><a class="sidebar-logo" href="../../rustls/index.html"><div class="logo-container"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></div></a></nav><main><div class="width-limiter"><nav class="sub"><a class="sub-logo-container" href="../../rustls/index.html"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></a><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><a href="../../help.html">?</a></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav><section id="main-content" class="content"><div class="example-wrap"><pre class="src-line-numbers"><span id="1">1</span>
 <span id="2">2</span>
 <span id="3">3</span>
 <span id="4">4</span>
 <span id="5">5</span>
 <span id="6">6</span>
 <span id="7">7</span>
 <span id="8">8</span>
 <span id="9">9</span>
 <span id="10">10</span>
 <span id="11">11</span>
 <span id="12">12</span>
 <span id="13">13</span>
 <span id="14">14</span>
 <span id="15">15</span>
 <span id="16">16</span>
 <span id="17">17</span>
 <span id="18">18</span>
 <span id="19">19</span>
 <span id="20">20</span>
 <span id="21">21</span>
 <span id="22">22</span>
 <span id="23">23</span>
 <span id="24">24</span>
 <span id="25">25</span>
 <span id="26">26</span>
 <span id="27">27</span>
 <span id="28">28</span>
 <span id="29">29</span>
 <span id="30">30</span>
 <span id="31">31</span>
 <span id="32">32</span>
 <span id="33">33</span>
 <span id="34">34</span>
 <span id="35">35</span>
 <span id="36">36</span>
 <span id="37">37</span>
 <span id="38">38</span>
 <span id="39">39</span>
 <span id="40">40</span>
 <span id="41">41</span>
 <span id="42">42</span>
 <span id="43">43</span>
 <span id="44">44</span>
 <span id="45">45</span>
 <span id="46">46</span>
 <span id="47">47</span>
 <span id="48">48</span>
 <span id="49">49</span>
 <span id="50">50</span>
 <span id="51">51</span>
 <span id="52">52</span>
 <span id="53">53</span>
 <span id="54">54</span>
 <span id="55">55</span>
 <span id="56">56</span>
 <span id="57">57</span>
 <span id="58">58</span>
 <span id="59">59</span>
 <span id="60">60</span>
 <span id="61">61</span>
 <span id="62">62</span>
 <span id="63">63</span>
 <span id="64">64</span>
 <span id="65">65</span>
 <span id="66">66</span>
 <span id="67">67</span>
 <span id="68">68</span>
 <span id="69">69</span>
 <span id="70">70</span>
 <span id="71">71</span>
 <span id="72">72</span>
 <span id="73">73</span>
 <span id="74">74</span>
 <span id="75">75</span>
 <span id="76">76</span>
 <span id="77">77</span>
 <span id="78">78</span>
 <span id="79">79</span>
 <span id="80">80</span>
 <span id="81">81</span>
 <span id="82">82</span>
 <span id="83">83</span>
 <span id="84">84</span>
 <span id="85">85</span>
 <span id="86">86</span>
 <span id="87">87</span>
 <span id="88">88</span>
 <span id="89">89</span>
 <span id="90">90</span>
 <span id="91">91</span>
 <span id="92">92</span>
 <span id="93">93</span>
 <span id="94">94</span>
 <span id="95">95</span>
 <span id="96">96</span>
 <span id="97">97</span>
 <span id="98">98</span>
 <span id="99">99</span>
 <span id="100">100</span>
 <span id="101">101</span>
 <span id="102">102</span>
 <span id="103">103</span>
 <span id="104">104</span>
 <span id="105">105</span>
 <span id="106">106</span>
 <span id="107">107</span>
 <span id="108">108</span>
 <span id="109">109</span>
 <span id="110">110</span>
 <span id="111">111</span>
 <span id="112">112</span>
 <span id="113">113</span>
 <span id="114">114</span>
 <span id="115">115</span>
 <span id="116">116</span>
 <span id="117">117</span>
 <span id="118">118</span>
 <span id="119">119</span>
 <span id="120">120</span>
 <span id="121">121</span>
 <span id="122">122</span>
 <span id="123">123</span>
 <span id="124">124</span>
 <span id="125">125</span>
 <span id="126">126</span>
 <span id="127">127</span>
 <span id="128">128</span>
 <span id="129">129</span>
 <span id="130">130</span>
 <span id="131">131</span>
 <span id="132">132</span>
 <span id="133">133</span>
 <span id="134">134</span>
 <span id="135">135</span>
 <span id="136">136</span>
 <span id="137">137</span>
 <span id="138">138</span>
 <span id="139">139</span>
 <span id="140">140</span>
 <span id="141">141</span>
 <span id="142">142</span>
 <span id="143">143</span>
 <span id="144">144</span>
 <span id="145">145</span>
 <span id="146">146</span>
 <span id="147">147</span>
 <span id="148">148</span>
 <span id="149">149</span>
 </pre><pre class="rust"><code><span class="kw">use </span>webpki;

 <span class="kw">use </span><span class="kw">crate</span>::key;
 <span class="attribute">#[cfg(feature = <span class="string">&quot;logging&quot;</span>)]
 </span><span class="kw">use </span><span class="kw">crate</span>::log::{debug, trace};
 <span class="kw">pub use </span><span class="kw">crate</span>::msgs::handshake::{DistinguishedName, DistinguishedNames};
 <span class="kw">use </span><span class="kw">crate</span>::pemfile;
 <span class="kw">use </span><span class="kw">crate</span>::x509;
 <span class="kw">use </span>std::io;

 <span class="doccomment">/// This is like a `webpki::TrustAnchor`, except it owns
 /// rather than borrows its memory.  That prevents lifetimes
 /// leaking up the object tree.
 </span><span class="attribute">#[derive(Debug, Clone)]
 </span><span class="kw">pub struct </span>OwnedTrustAnchor {
     subject: Vec&lt;u8&gt;,
     spki: Vec&lt;u8&gt;,
     name_constraints: <span class="prelude-ty">Option</span>&lt;Vec&lt;u8&gt;&gt;,
 }

 <span class="kw">impl </span>OwnedTrustAnchor {
     <span class="doccomment">/// Copy a `webpki::TrustAnchor` into owned memory
     </span><span class="kw">pub fn </span>from_trust_anchor(t: <span class="kw-2">&amp;</span>webpki::TrustAnchor) -&gt; OwnedTrustAnchor {
         OwnedTrustAnchor {
             subject: t.subject.to_vec(),
             spki: t.spki.to_vec(),
             name_constraints: t.name_constraints.map(|x| x.to_vec()),
         }
     }

     <span class="doccomment">/// Get a `webpki::TrustAnchor` by borrowing the owned elements.
     </span><span class="kw">pub fn </span>to_trust_anchor(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; webpki::TrustAnchor {
         webpki::TrustAnchor {
             subject: <span class="kw-2">&amp;</span><span class="self">self</span>.subject,
             spki: <span class="kw-2">&amp;</span><span class="self">self</span>.spki,
             name_constraints: <span class="self">self
                 </span>.name_constraints
                 .as_ref()
                 .map(Vec::as_slice),
         }
     }
 }

 <span class="kw">impl </span>From&lt;webpki::TrustAnchor&lt;<span class="lifetime">&#39;_</span>&gt;&gt; <span class="kw">for </span>OwnedTrustAnchor {
     <span class="kw">fn </span>from(t: webpki::TrustAnchor) -&gt; OwnedTrustAnchor {
         <span class="self">Self</span>::from_trust_anchor(<span class="kw-2">&amp;</span>t)
     }
 }

 <span class="kw">impl</span>&lt;<span class="lifetime">&#39;a</span>&gt; Into&lt;webpki::TrustAnchor&lt;<span class="lifetime">&#39;a</span>&gt;&gt; <span class="kw">for </span><span class="kw-2">&amp;</span><span class="lifetime">&#39;a </span>OwnedTrustAnchor {
     <span class="kw">fn </span>into(<span class="self">self</span>) -&gt; webpki::TrustAnchor&lt;<span class="lifetime">&#39;a</span>&gt; {
         <span class="self">self</span>.to_trust_anchor()
     }
 }

 <span class="doccomment">/// A container for root certificates able to provide a root-of-trust
 /// for connection authentication.
 </span><span class="attribute">#[derive(Debug, Clone)]
 </span><span class="kw">pub struct </span>RootCertStore {
     <span class="doccomment">/// The list of roots.
     </span><span class="kw">pub </span>roots: Vec&lt;OwnedTrustAnchor&gt;,
 }

 <span class="kw">impl </span>RootCertStore {
     <span class="doccomment">/// Make a new, empty `RootCertStore`.
     </span><span class="kw">pub fn </span>empty() -&gt; RootCertStore {
         RootCertStore { roots: Vec::new() }
     }

     <span class="doccomment">/// Return true if there are no certificates.
     </span><span class="kw">pub fn </span>is_empty(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; bool {
         <span class="self">self</span>.len() == <span class="number">0
     </span>}

     <span class="doccomment">/// Say how many certificates are in the container.
     </span><span class="kw">pub fn </span>len(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; usize {
         <span class="self">self</span>.roots.len()
     }

     <span class="doccomment">/// Return the Subject Names for certificates in the container.
     </span><span class="kw">pub fn </span>get_subjects(<span class="kw-2">&amp;</span><span class="self">self</span>) -&gt; DistinguishedNames {
         <span class="kw">let </span><span class="kw-2">mut </span>r = DistinguishedNames::new();

         <span class="kw">for </span>ota <span class="kw">in </span><span class="kw-2">&amp;</span><span class="self">self</span>.roots {
             <span class="kw">let </span><span class="kw-2">mut </span>name = Vec::new();
             name.extend_from_slice(<span class="kw-2">&amp;</span>ota.subject);
             x509::wrap_in_sequence(<span class="kw-2">&amp;mut </span>name);
             r.push(DistinguishedName::new(name));
         }

         r
     }

     <span class="doccomment">/// Add a single DER-encoded certificate to the store.
     </span><span class="kw">pub fn </span>add(<span class="kw-2">&amp;mut </span><span class="self">self</span>, der: <span class="kw-2">&amp;</span>key::Certificate) -&gt; <span class="prelude-ty">Result</span>&lt;(), webpki::Error&gt; {
         <span class="kw">let </span>ta = webpki::trust_anchor_util::cert_der_as_trust_anchor(<span class="kw-2">&amp;</span>der.<span class="number">0</span>)<span class="question-mark">?</span>;

         <span class="kw">let </span>ota = OwnedTrustAnchor::from_trust_anchor(<span class="kw-2">&amp;</span>ta);
         <span class="self">self</span>.roots.push(ota);
         <span class="prelude-val">Ok</span>(())
     }

     <span class="doccomment">/// Adds all the given TrustAnchors `anchors`.  This does not
     /// fail.
     </span><span class="kw">pub fn </span>add_server_trust_anchors(
         <span class="kw-2">&amp;mut </span><span class="self">self</span>,
         <span class="kw-2">&amp;</span>webpki::TLSServerTrustAnchors(anchors): <span class="kw-2">&amp;</span>webpki::TLSServerTrustAnchors,
     ) {
         <span class="kw">for </span>ta <span class="kw">in </span>anchors {
             <span class="self">self</span>.roots
                 .push(OwnedTrustAnchor::from_trust_anchor(ta));
         }
     }

     <span class="doccomment">/// Parse a PEM file and add all certificates found inside.
     /// Errors are non-specific; they may be io errors in `rd` and
     /// PEM format errors, but not certificate validity errors.
     ///
     /// This is because large collections of root certificates often
     /// include ancient or syntactically invalid certificates.  CAs
     /// are competent like that.
     ///
     /// Returns the number of certificates added, and the number
     /// which were extracted from the PEM but ultimately unsuitable.
     </span><span class="kw">pub fn </span>add_pem_file(<span class="kw-2">&amp;mut </span><span class="self">self</span>, rd: <span class="kw-2">&amp;mut </span><span class="kw">dyn </span>io::BufRead) -&gt; <span class="prelude-ty">Result</span>&lt;(usize, usize), ()&gt; {
         <span class="kw">let </span>ders = pemfile::certs(rd)<span class="question-mark">?</span>;
         <span class="kw">let </span><span class="kw-2">mut </span>valid_count = <span class="number">0</span>;
         <span class="kw">let </span><span class="kw-2">mut </span>invalid_count = <span class="number">0</span>;

         <span class="kw">for </span>der <span class="kw">in </span>ders {
             <span class="attribute">#[cfg_attr(not(feature = <span class="string">&quot;logging&quot;</span>), allow(unused_variables))]
             </span><span class="kw">match </span><span class="self">self</span>.add(<span class="kw-2">&amp;</span>der) {
                 <span class="prelude-val">Ok</span>(<span class="kw">_</span>) =&gt; valid_count += <span class="number">1</span>,
                 <span class="prelude-val">Err</span>(err) =&gt; {
                     <span class="macro">trace!</span>(<span class="string">&quot;invalid cert der {:?}&quot;</span>, der);
                     <span class="macro">debug!</span>(<span class="string">&quot;certificate parsing failed: {:?}&quot;</span>, err);
                     invalid_count += <span class="number">1
                 </span>}
             }
         }

         <span class="macro">debug!</span>(
             <span class="string">&quot;add_pem_file processed {} valid and {} invalid certs&quot;</span>,
             valid_count, invalid_count
         );

         <span class="prelude-val">Ok</span>((valid_count, invalid_count))
     }
 }
 </code></pre></div>
 </section></div></main><div id="rustdoc-vars" data-root-path="../../" data-current-crate="rustls" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.66.0-nightly (5c8bff74b 2022-10-21)" ></div></body></html>
	<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `/root/.cargo/registry/src/github.com-1ecc6299db9ec823/rustls-0.19.1/src/anchors.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>anchors.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" href="../../normalize.css"><link rel="stylesheet" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" href="../../ayu.css" disabled><link rel="stylesheet" href="../../dark.css" disabled><link rel="stylesheet" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="alternate icon" type="image/png" href="../../favicon-16x16.png"><link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><link rel="icon" type="image/svg+xml" href="../../favicon.svg"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><a class="sidebar-logo" href="../../rustls/index.html"><div class="logo-container"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></div></a></nav><main><div class="width-limiter"><nav class="sub"><a class="sub-logo-container" href="../../rustls/index.html"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></a><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><a href="../../help.html">?</a></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav><section id="main-content" class="content"><div class="example-wrap"><pre class="src-line-numbers"><span id="1">1</span>
	<span id="2">2</span>
	<span id="3">3</span>
	<span id="4">4</span>
	<span id="5">5</span>
	<span id="6">6</span>
	<span id="7">7</span>
	<span id="8">8</span>
	<span id="9">9</span>
	<span id="10">10</span>
	<span id="11">11</span>
	<span id="12">12</span>
	<span id="13">13</span>
	<span id="14">14</span>
	<span id="15">15</span>
	<span id="16">16</span>
	<span id="17">17</span>
	<span id="18">18</span>
	<span id="19">19</span>
	<span id="20">20</span>
	<span id="21">21</span>
	<span id="22">22</span>
	<span id="23">23</span>
	<span id="24">24</span>
	<span id="25">25</span>
	<span id="26">26</span>
	<span id="27">27</span>
	<span id="28">28</span>
	<span id="29">29</span>
	<span id="30">30</span>
	<span id="31">31</span>
	<span id="32">32</span>
	<span id="33">33</span>
	<span id="34">34</span>
	<span id="35">35</span>
	<span id="36">36</span>
	<span id="37">37</span>
	<span id="38">38</span>
	<span id="39">39</span>
	<span id="40">40</span>
	<span id="41">41</span>
	<span id="42">42</span>
	<span id="43">43</span>
	<span id="44">44</span>
	<span id="45">45</span>
	<span id="46">46</span>
	<span id="47">47</span>
	<span id="48">48</span>
	<span id="49">49</span>
	<span id="50">50</span>
	<span id="51">51</span>
	<span id="52">52</span>
	<span id="53">53</span>
	<span id="54">54</span>
	<span id="55">55</span>
	<span id="56">56</span>
	<span id="57">57</span>
	<span id="58">58</span>
	<span id="59">59</span>
	<span id="60">60</span>
	<span id="61">61</span>
	<span id="62">62</span>
	<span id="63">63</span>
	<span id="64">64</span>
	<span id="65">65</span>
	<span id="66">66</span>
	<span id="67">67</span>
	<span id="68">68</span>
	<span id="69">69</span>
	<span id="70">70</span>
	<span id="71">71</span>
	<span id="72">72</span>
	<span id="73">73</span>
	<span id="74">74</span>
	<span id="75">75</span>
	<span id="76">76</span>
	<span id="77">77</span>
	<span id="78">78</span>
	<span id="79">79</span>
	<span id="80">80</span>
	<span id="81">81</span>
	<span id="82">82</span>
	<span id="83">83</span>
	<span id="84">84</span>
	<span id="85">85</span>
	<span id="86">86</span>
	<span id="87">87</span>
	<span id="88">88</span>
	<span id="89">89</span>
	<span id="90">90</span>
	<span id="91">91</span>
	<span id="92">92</span>
	<span id="93">93</span>
	<span id="94">94</span>
	<span id="95">95</span>
	<span id="96">96</span>
	<span id="97">97</span>
	<span id="98">98</span>
	<span id="99">99</span>
	<span id="100">100</span>
	<span id="101">101</span>
	<span id="102">102</span>
	<span id="103">103</span>
	<span id="104">104</span>
	<span id="105">105</span>
	<span id="106">106</span>
	<span id="107">107</span>
	<span id="108">108</span>
	<span id="109">109</span>
	<span id="110">110</span>
	<span id="111">111</span>
	<span id="112">112</span>
	<span id="113">113</span>
	<span id="114">114</span>
	<span id="115">115</span>
	<span id="116">116</span>
	<span id="117">117</span>
	<span id="118">118</span>
	<span id="119">119</span>
	<span id="120">120</span>
	<span id="121">121</span>
	<span id="122">122</span>
	<span id="123">123</span>
	<span id="124">124</span>
	<span id="125">125</span>
	<span id="126">126</span>
	<span id="127">127</span>
	<span id="128">128</span>
	<span id="129">129</span>
	<span id="130">130</span>
	<span id="131">131</span>
	<span id="132">132</span>
	<span id="133">133</span>
	<span id="134">134</span>
	<span id="135">135</span>
	<span id="136">136</span>
	<span id="137">137</span>
	<span id="138">138</span>
	<span id="139">139</span>
	<span id="140">140</span>
	<span id="141">141</span>
	<span id="142">142</span>
	<span id="143">143</span>
	<span id="144">144</span>
	<span id="145">145</span>
	<span id="146">146</span>
	<span id="147">147</span>
	<span id="148">148</span>
	<span id="149">149</span>
	</pre><pre class="rust"><code><span class="kw">use </span>webpki;

	<span class="kw">use </span><span class="kw">crate</span>::key;
	<span class="attribute">#[cfg(feature = <span class="string">"logging"</span>)]
	</span><span class="kw">use </span><span class="kw">crate</span>::log::{debug, trace};
	<span class="kw">pub use </span><span class="kw">crate</span>::msgs::handshake::{DistinguishedName, DistinguishedNames};
	<span class="kw">use </span><span class="kw">crate</span>::pemfile;
	<span class="kw">use </span><span class="kw">crate</span>::x509;
	<span class="kw">use </span>std::io;

	<span class="doccomment">/// This is like a `webpki::TrustAnchor`, except it owns
	/// rather than borrows its memory. That prevents lifetimes
	/// leaking up the object tree.
	</span><span class="attribute">#[derive(Debug, Clone)]
	</span><span class="kw">pub struct </span>OwnedTrustAnchor {
	subject: Vec<u8>,
	spki: Vec<u8>,
	name_constraints: <span class="prelude-ty">Option</span><Vec<u8>>,
	}

	<span class="kw">impl </span>OwnedTrustAnchor {
	<span class="doccomment">/// Copy a `webpki::TrustAnchor` into owned memory
	</span><span class="kw">pub fn </span>from_trust_anchor(t: <span class="kw-2">&</span>webpki::TrustAnchor) -> OwnedTrustAnchor {
	OwnedTrustAnchor {
	subject: t.subject.to_vec(),
	spki: t.spki.to_vec(),
	name_constraints: t.name_constraints.map(\|x\| x.to_vec()),
	}
	}

	<span class="doccomment">/// Get a `webpki::TrustAnchor` by borrowing the owned elements.
	</span><span class="kw">pub fn </span>to_trust_anchor(<span class="kw-2">&</span><span class="self">self</span>) -> webpki::TrustAnchor {
	webpki::TrustAnchor {
	subject: <span class="kw-2">&</span><span class="self">self</span>.subject,
	spki: <span class="kw-2">&</span><span class="self">self</span>.spki,
	name_constraints: <span class="self">self
	</span>.name_constraints
	.as_ref()
	.map(Vec::as_slice),
	}
	}
	}

	<span class="kw">impl </span>From<webpki::TrustAnchor<<span class="lifetime">'_</span>>> <span class="kw">for </span>OwnedTrustAnchor {
	<span class="kw">fn </span>from(t: webpki::TrustAnchor) -> OwnedTrustAnchor {
	<span class="self">Self</span>::from_trust_anchor(<span class="kw-2">&</span>t)
	}
	}

	<span class="kw">impl</span><<span class="lifetime">'a</span>> Into<webpki::TrustAnchor<<span class="lifetime">'a</span>>> <span class="kw">for </span><span class="kw-2">&</span><span class="lifetime">'a </span>OwnedTrustAnchor {
	<span class="kw">fn </span>into(<span class="self">self</span>) -> webpki::TrustAnchor<<span class="lifetime">'a</span>> {
	<span class="self">self</span>.to_trust_anchor()
	}
	}

	<span class="doccomment">/// A container for root certificates able to provide a root-of-trust
	/// for connection authentication.
	</span><span class="attribute">#[derive(Debug, Clone)]
	</span><span class="kw">pub struct </span>RootCertStore {
	<span class="doccomment">/// The list of roots.
	</span><span class="kw">pub </span>roots: Vec<OwnedTrustAnchor>,
	}

	<span class="kw">impl </span>RootCertStore {
	<span class="doccomment">/// Make a new, empty `RootCertStore`.
	</span><span class="kw">pub fn </span>empty() -> RootCertStore {
	RootCertStore { roots: Vec::new() }
	}

	<span class="doccomment">/// Return true if there are no certificates.
	</span><span class="kw">pub fn </span>is_empty(<span class="kw-2">&</span><span class="self">self</span>) -> bool {
	<span class="self">self</span>.len() == <span class="number">0
	</span>}

	<span class="doccomment">/// Say how many certificates are in the container.
	</span><span class="kw">pub fn </span>len(<span class="kw-2">&</span><span class="self">self</span>) -> usize {
	<span class="self">self</span>.roots.len()
	}

	<span class="doccomment">/// Return the Subject Names for certificates in the container.
	</span><span class="kw">pub fn </span>get_subjects(<span class="kw-2">&</span><span class="self">self</span>) -> DistinguishedNames {
	<span class="kw">let </span><span class="kw-2">mut </span>r = DistinguishedNames::new();

	<span class="kw">for </span>ota <span class="kw">in </span><span class="kw-2">&</span><span class="self">self</span>.roots {
	<span class="kw">let </span><span class="kw-2">mut </span>name = Vec::new();
	name.extend_from_slice(<span class="kw-2">&</span>ota.subject);
	x509::wrap_in_sequence(<span class="kw-2">&mut </span>name);
	r.push(DistinguishedName::new(name));
	}

	r
	}

	<span class="doccomment">/// Add a single DER-encoded certificate to the store.
	</span><span class="kw">pub fn </span>add(<span class="kw-2">&mut </span><span class="self">self</span>, der: <span class="kw-2">&</span>key::Certificate) -> <span class="prelude-ty">Result</span><(), webpki::Error> {
	<span class="kw">let </span>ta = webpki::trust_anchor_util::cert_der_as_trust_anchor(<span class="kw-2">&</span>der.<span class="number">0</span>)<span class="question-mark">?</span>;

	<span class="kw">let </span>ota = OwnedTrustAnchor::from_trust_anchor(<span class="kw-2">&</span>ta);
	<span class="self">self</span>.roots.push(ota);
	<span class="prelude-val">Ok</span>(())
	}

	<span class="doccomment">/// Adds all the given TrustAnchors `anchors`. This does not
	/// fail.
	</span><span class="kw">pub fn </span>add_server_trust_anchors(
	<span class="kw-2">&mut </span><span class="self">self</span>,
	<span class="kw-2">&</span>webpki::TLSServerTrustAnchors(anchors): <span class="kw-2">&</span>webpki::TLSServerTrustAnchors,
	) {
	<span class="kw">for </span>ta <span class="kw">in </span>anchors {
	<span class="self">self</span>.roots
	.push(OwnedTrustAnchor::from_trust_anchor(ta));
	}
	}

	<span class="doccomment">/// Parse a PEM file and add all certificates found inside.
	/// Errors are non-specific; they may be io errors in `rd` and
	/// PEM format errors, but not certificate validity errors.
	///
	/// This is because large collections of root certificates often
	/// include ancient or syntactically invalid certificates. CAs
	/// are competent like that.
	///
	/// Returns the number of certificates added, and the number
	/// which were extracted from the PEM but ultimately unsuitable.
	</span><span class="kw">pub fn </span>add_pem_file(<span class="kw-2">&mut </span><span class="self">self</span>, rd: <span class="kw-2">&mut </span><span class="kw">dyn </span>io::BufRead) -> <span class="prelude-ty">Result</span><(usize, usize), ()> {
	<span class="kw">let </span>ders = pemfile::certs(rd)<span class="question-mark">?</span>;
	<span class="kw">let </span><span class="kw-2">mut </span>valid_count = <span class="number">0</span>;
	<span class="kw">let </span><span class="kw-2">mut </span>invalid_count = <span class="number">0</span>;

	<span class="kw">for </span>der <span class="kw">in </span>ders {
	<span class="attribute">#[cfg_attr(not(feature = <span class="string">"logging"</span>), allow(unused_variables))]
	</span><span class="kw">match </span><span class="self">self</span>.add(<span class="kw-2">&</span>der) {
	<span class="prelude-val">Ok</span>(<span class="kw">_</span>) => valid_count += <span class="number">1</span>,
	<span class="prelude-val">Err</span>(err) => {
	<span class="macro">trace!</span>(<span class="string">"invalid cert der {:?}"</span>, der);
	<span class="macro">debug!</span>(<span class="string">"certificate parsing failed: {:?}"</span>, err);
	invalid_count += <span class="number">1
	</span>}
	}
	}

	<span class="macro">debug!</span>(
	<span class="string">"add_pem_file processed {} valid and {} invalid certs"</span>,
	valid_count, invalid_count
	);

	<span class="prelude-val">Ok</span>((valid_count, invalid_count))
	}
	}
	</code></pre></div>
	</section></div></main><div id="rustdoc-vars" data-root-path="../../" data-current-crate="rustls" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.66.0-nightly (5c8bff74b 2022-10-21)" ></div></body></html>