Skip to content

Commit

Permalink
Restore SemVer compatibility for verify_is_valid_tls_client_cert.
Browse files Browse the repository at this point in the history
  • Loading branch information
briansmith committed Oct 9, 2023
1 parent 60e688b commit f1202b3
Showing 1 changed file with 20 additions and 2 deletions.
22 changes: 20 additions & 2 deletions src/end_entity.rs
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,25 @@ impl<'a> EndEntityCert<'a> {
)
}

/// Backward-SemVer-compatible wrapper around `verify_is_valid_tls_client_cert_ext`.
///
/// Errors that aren't representable as an `Error` are mapped to `Error::UnknownIssuer`.
pub fn verify_is_valid_tls_client_cert(
&self,
supported_sig_algs: &[&SignatureAlgorithm],
trust_anchors: &TlsClientTrustAnchors,
intermediate_certs: &[&[u8]],
time: Time,
) -> Result<(), Error> {
self.verify_is_valid_tls_client_cert_ext(
supported_sig_algs,
trust_anchors,
intermediate_certs,
time,
)
.map_err(ErrorExt::into_error_lossy)
}

/// Verifies that the end-entity certificate is valid for use by a TLS
/// client.
///
Expand All @@ -145,7 +164,7 @@ impl<'a> EndEntityCert<'a> {
&TlsClientTrustAnchors(trust_anchors): &TlsClientTrustAnchors,
intermediate_certs: &[&[u8]],
time: Time,
) -> Result<(), Error> {
) -> Result<(), ErrorExt> {
verify_cert::build_chain(
verify_cert::EKU_CLIENT_AUTH,
supported_sig_algs,
Expand All @@ -154,7 +173,6 @@ impl<'a> EndEntityCert<'a> {
&self.inner,
time,
)
.map_err(ErrorExt::into_error_lossy)
}

/// Verifies that the certificate is valid for the given DNS host name.
Expand Down

0 comments on commit f1202b3

Please sign in to comment.