Skip to content

Commit 6ea5d18

Browse files
djcdjc
committed
Use trait object for EKU validation
1 parent a3275db commit 6ea5d18

2 files changed

Lines changed: 6 additions & 6 deletions

File tree

src/end_entity.rs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -106,7 +106,7 @@ impl EndEntityCert<'_> {
106106
trust_anchors: &'p [TrustAnchor<'_>],
107107
intermediate_certs: &'p [CertificateDer<'p>],
108108
time: UnixTime,
109-
usage: &impl ExtendedKeyUsageValidator,
109+
usage: &dyn ExtendedKeyUsageValidator,
110110
revocation: Option<RevocationOptions<'_>>,
111111
verify_path: Option<&dyn Fn(&VerifiedPath<'_>) -> Result<(), Error>>,
112112
) -> Result<VerifiedPath<'p>, Error> {

src/verify_cert.rs

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -28,15 +28,15 @@ use crate::{public_values_eq, signed_data, subject_name};
2828

2929
// Use `'a` for lifetimes that we don't care about, `'p` for lifetimes that become a part of
3030
// the `VerifiedPath`.
31-
pub(crate) struct ChainOptions<'a, 'p, V> {
32-
pub(crate) eku: &'a V,
31+
pub(crate) struct ChainOptions<'a, 'p> {
32+
pub(crate) eku: &'a dyn ExtendedKeyUsageValidator,
3333
pub(crate) supported_sig_algs: &'a [&'a dyn SignatureVerificationAlgorithm],
3434
pub(crate) trust_anchors: &'p [TrustAnchor<'p>],
3535
pub(crate) intermediate_certs: &'p [CertificateDer<'p>],
3636
pub(crate) revocation: Option<RevocationOptions<'a>>,
3737
}
3838

39-
impl<'a, 'p: 'a, V: ExtendedKeyUsageValidator> ChainOptions<'a, 'p, V> {
39+
impl<'a, 'p: 'a> ChainOptions<'a, 'p> {
4040
pub(crate) fn build_chain(
4141
&self,
4242
end_entity: &'p EndEntityCert<'p>,
@@ -349,7 +349,7 @@ fn check_issuer_independent_properties(
349349
time: UnixTime,
350350
role: Role,
351351
sub_ca_count: usize,
352-
eku: &impl ExtendedKeyUsageValidator,
352+
eku: &dyn ExtendedKeyUsageValidator,
353353
) -> Result<(), Error> {
354354
// TODO: check_distrust(trust_anchor_subject, trust_anchor_spki)?;
355355
// TODO: Check signature algorithm like mozilla::pkix.
@@ -374,7 +374,7 @@ fn check_issuer_independent_properties(
374374

375375
fn check_eku(
376376
input: Option<&mut untrusted::Reader<'_>>,
377-
eku: &impl ExtendedKeyUsageValidator,
377+
eku: &dyn ExtendedKeyUsageValidator,
378378
) -> Result<(), Error> {
379379
match input {
380380
Some(input) if input.at_end() => Err(Error::EmptyEkuExtension),

0 commit comments

Comments
 (0)