1 //! PKIX Certificate Revocation List extensions 2 3 pub mod dp; 4 5 use const_oid::db::rfc5280::{ 6 ID_CE_CRL_DISTRIBUTION_POINTS, ID_CE_CRL_NUMBER, ID_CE_CRL_REASONS, ID_CE_DELTA_CRL_INDICATOR, 7 ID_CE_FRESHEST_CRL, 8 }; 9 use const_oid::{AssociatedOid, ObjectIdentifier}; 10 pub use dp::IssuingDistributionPoint; 11 12 use alloc::vec::Vec; 13 14 use der::{asn1::Uint, Enumerated}; 15 16 /// CrlNumber as defined in [RFC 5280 Section 5.2.3]. 17 /// 18 /// ```text 19 /// CRLNumber ::= INTEGER (0..MAX) 20 /// ``` 21 /// 22 /// [RFC 5280 Section 5.2.3]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.2.3 23 #[derive(Clone, Debug, PartialEq, Eq)] 24 pub struct CrlNumber(pub Uint); 25 26 impl AssociatedOid for CrlNumber { 27 const OID: ObjectIdentifier = ID_CE_CRL_NUMBER; 28 } 29 30 impl_newtype!(CrlNumber, Uint); 31 impl_extension!(CrlNumber, critical = false); 32 33 /// BaseCRLNumber as defined in [RFC 5280 Section 5.2.4]. 34 /// 35 /// ```text 36 /// BaseCRLNumber ::= CRLNumber 37 /// ``` 38 /// 39 /// [RFC 5280 Section 5.2.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.2.4 40 #[derive(Clone, Debug, PartialEq, Eq)] 41 pub struct BaseCrlNumber(pub Uint); 42 43 impl AssociatedOid for BaseCrlNumber { 44 const OID: ObjectIdentifier = ID_CE_DELTA_CRL_INDICATOR; 45 } 46 47 impl_newtype!(BaseCrlNumber, Uint); 48 impl_extension!(BaseCrlNumber, critical = true); 49 50 /// CrlDistributionPoints as defined in [RFC 5280 Section 4.2.1.13]. 51 /// 52 /// ```text 53 /// CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint 54 /// ``` 55 /// 56 /// [RFC 5280 Section 4.2.1.13]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.13 57 #[derive(Clone, Debug, Default, PartialEq, Eq)] 58 pub struct CrlDistributionPoints(pub Vec<dp::DistributionPoint>); 59 60 impl AssociatedOid for CrlDistributionPoints { 61 const OID: ObjectIdentifier = ID_CE_CRL_DISTRIBUTION_POINTS; 62 } 63 64 impl_newtype!(CrlDistributionPoints, Vec<dp::DistributionPoint>); 65 impl_extension!(CrlDistributionPoints, critical = false); 66 67 /// FreshestCrl as defined in [RFC 5280 Section 5.2.6]. 68 /// 69 /// ```text 70 /// FreshestCRL ::= CRLDistributionPoints 71 /// ``` 72 /// 73 /// [RFC 5280 Section 5.2.6]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.2.6 74 #[derive(Clone, Debug, Default, PartialEq, Eq)] 75 pub struct FreshestCrl(pub Vec<dp::DistributionPoint>); 76 77 impl AssociatedOid for FreshestCrl { 78 const OID: ObjectIdentifier = ID_CE_FRESHEST_CRL; 79 } 80 81 impl_newtype!(FreshestCrl, Vec<dp::DistributionPoint>); 82 impl_extension!(FreshestCrl, critical = false); 83 84 /// CRLReason as defined in [RFC 5280 Section 5.3.1]. 85 /// 86 /// ```text 87 /// CRLReason ::= ENUMERATED { 88 /// unspecified (0), 89 /// keyCompromise (1), 90 /// cACompromise (2), 91 /// affiliationChanged (3), 92 /// superseded (4), 93 /// cessationOfOperation (5), 94 /// certificateHold (6), 95 /// removeFromCRL (8), 96 /// privilegeWithdrawn (9), 97 /// aACompromise (10) 98 /// } 99 /// ``` 100 /// 101 /// [RFC 5280 Section 5.3.1]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.3.1 102 #[derive(Copy, Clone, Debug, Eq, PartialEq, Enumerated)] 103 #[allow(missing_docs)] 104 #[repr(u32)] 105 pub enum CrlReason { 106 Unspecified = 0, 107 KeyCompromise = 1, 108 CaCompromise = 2, 109 AffiliationChanged = 3, 110 Superseded = 4, 111 CessationOfOperation = 5, 112 CertificateHold = 6, 113 RemoveFromCRL = 8, 114 PrivilegeWithdrawn = 9, 115 AaCompromise = 10, 116 } 117 118 impl AssociatedOid for CrlReason { 119 const OID: ObjectIdentifier = ID_CE_CRL_REASONS; 120 } 121 122 impl_extension!(CrlReason, critical = false); 123