x509_cert/ext/pkix/
crl.rs

1//! PKIX Certificate Revocation List extensions
2
3pub mod dp;
4
5use const_oid::db::rfc5280::{
6    ID_CE_CRL_DISTRIBUTION_POINTS, ID_CE_CRL_NUMBER, ID_CE_CRL_REASONS, ID_CE_DELTA_CRL_INDICATOR,
7    ID_CE_FRESHEST_CRL,
8};
9use const_oid::{AssociatedOid, ObjectIdentifier};
10pub use dp::IssuingDistributionPoint;
11
12use alloc::vec::Vec;
13
14use der::{asn1::Uint, Enumerated};
15
16/// CrlNumber as defined in [RFC 5280 Section 5.2.3].
17///
18/// ```text
19/// CRLNumber ::= INTEGER (0..MAX)
20/// ```
21///
22/// [RFC 5280 Section 5.2.3]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.2.3
23#[derive(Clone, Debug, PartialEq, Eq)]
24pub struct CrlNumber(pub Uint);
25
26impl AssociatedOid for CrlNumber {
27    const OID: ObjectIdentifier = ID_CE_CRL_NUMBER;
28}
29
30impl_newtype!(CrlNumber, Uint);
31impl_extension!(CrlNumber, critical = false);
32
33/// BaseCRLNumber as defined in [RFC 5280 Section 5.2.4].
34///
35/// ```text
36/// BaseCRLNumber ::= CRLNumber
37/// ```
38///
39/// [RFC 5280 Section 5.2.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.2.4
40#[derive(Clone, Debug, PartialEq, Eq)]
41pub struct BaseCrlNumber(pub Uint);
42
43impl AssociatedOid for BaseCrlNumber {
44    const OID: ObjectIdentifier = ID_CE_DELTA_CRL_INDICATOR;
45}
46
47impl_newtype!(BaseCrlNumber, Uint);
48impl_extension!(BaseCrlNumber, critical = true);
49
50/// CrlDistributionPoints as defined in [RFC 5280 Section 4.2.1.13].
51///
52/// ```text
53/// CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
54/// ```
55///
56/// [RFC 5280 Section 4.2.1.13]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.13
57#[derive(Clone, Debug, Default, PartialEq, Eq)]
58pub struct CrlDistributionPoints(pub Vec<dp::DistributionPoint>);
59
60impl AssociatedOid for CrlDistributionPoints {
61    const OID: ObjectIdentifier = ID_CE_CRL_DISTRIBUTION_POINTS;
62}
63
64impl_newtype!(CrlDistributionPoints, Vec<dp::DistributionPoint>);
65impl_extension!(CrlDistributionPoints, critical = false);
66
67/// FreshestCrl as defined in [RFC 5280 Section 5.2.6].
68///
69/// ```text
70/// FreshestCRL ::= CRLDistributionPoints
71/// ```
72///
73/// [RFC 5280 Section 5.2.6]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.2.6
74#[derive(Clone, Debug, Default, PartialEq, Eq)]
75pub struct FreshestCrl(pub Vec<dp::DistributionPoint>);
76
77impl AssociatedOid for FreshestCrl {
78    const OID: ObjectIdentifier = ID_CE_FRESHEST_CRL;
79}
80
81impl_newtype!(FreshestCrl, Vec<dp::DistributionPoint>);
82impl_extension!(FreshestCrl, critical = false);
83
84/// CRLReason as defined in [RFC 5280 Section 5.3.1].
85///
86/// ```text
87/// CRLReason ::= ENUMERATED {
88///     unspecified             (0),
89///     keyCompromise           (1),
90///     cACompromise            (2),
91///     affiliationChanged      (3),
92///     superseded              (4),
93///     cessationOfOperation    (5),
94///     certificateHold         (6),
95///     removeFromCRL           (8),
96///     privilegeWithdrawn      (9),
97///     aACompromise           (10)
98/// }
99/// ```
100///
101/// [RFC 5280 Section 5.3.1]: https://datatracker.ietf.org/doc/html/rfc5280#section-5.3.1
102#[derive(Copy, Clone, Debug, Eq, PartialEq, Enumerated)]
103#[allow(missing_docs)]
104#[repr(u32)]
105pub enum CrlReason {
106    Unspecified = 0,
107    KeyCompromise = 1,
108    CaCompromise = 2,
109    AffiliationChanged = 3,
110    Superseded = 4,
111    CessationOfOperation = 5,
112    CertificateHold = 6,
113    RemoveFromCRL = 8,
114    PrivilegeWithdrawn = 9,
115    AaCompromise = 10,
116}
117
118impl AssociatedOid for CrlReason {
119    const OID: ObjectIdentifier = ID_CE_CRL_REASONS;
120}
121
122impl_extension!(CrlReason, critical = false);