|0.102.0-alpha.3||Sep 13, 2023|
|0.102.0-alpha.0||Aug 2, 2023|
|0.101.2||Jul 26, 2023|
|0.100.1||Mar 28, 2023|
#38 in Cryptography
3,552,240 downloads per month
Used in 2,059 crates (39 directly)
webpki is a library that validates Web PKI (TLS/SSL) certificates. It's used by Rustls to handle certificate-related tasks required for implementing TLS clients and servers.
This is a fork of the original webpki project
which adds a number of features required by the rustls project. This fork is
released as the
rustls-webpki crate, with versions starting 0.100.0 so as to
not confusingly overlap with
Representing trust anchors - webpki requires the caller to bootstrap trust by explicitly specifying a set of trust anchors using the
Parsing certificates - webpki can convert from the raw encoded form of a certificate into something that can be used for making trust decisions.
Path building - webpki can determine if a certificate for an end entity like a website or client identity was issued by a trust anchor, or a series of intermediate certificates the trust anchor has endorsed.
Name/usage validation - webpki can determine if a certificate is valid for a given DNS name or IP address by considering the allowed usage of the certificate and additional constraints.
webpki offers a minimal feature set tailored to the needs of Rustls. Notably it does not offer:
- Certificate or keypair generation
- Access to arbitrary certificate extensions
- Parsing/representation of certificate subjects, or human-friendly display of these fields
Release history can be found on GitHub.
See https://github.com/rustls/rustls#example-code for an example of using webpki.
See LICENSE. This project happily accepts pull requests without any formal copyright/contributor license agreement.