diff --git a/Cargo.toml b/Cargo.toml index 5c6e2d8d..04618a06 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,7 +22,7 @@ name = "webpki" readme = "README.md" repository = "https://github.com/briansmith/webpki" rust-version = "1.61.0" -version = "0.22.3" +version = "0.22.4" include = [ "Cargo.toml", diff --git a/src/end_entity.rs b/src/end_entity.rs index 6af008d7..cfe9ef15 100644 --- a/src/end_entity.rs +++ b/src/end_entity.rs @@ -125,6 +125,25 @@ impl<'a> EndEntityCert<'a> { ) } + /// Backward-SemVer-compatible wrapper around `verify_is_valid_tls_client_cert_ext`. + /// + /// Errors that aren't representable as an `Error` are mapped to `Error::UnknownIssuer`. + pub fn verify_is_valid_tls_client_cert( + &self, + supported_sig_algs: &[&SignatureAlgorithm], + trust_anchors: &TlsClientTrustAnchors, + intermediate_certs: &[&[u8]], + time: Time, + ) -> Result<(), Error> { + self.verify_is_valid_tls_client_cert_ext( + supported_sig_algs, + trust_anchors, + intermediate_certs, + time, + ) + .map_err(ErrorExt::into_error_lossy) + } + /// Verifies that the end-entity certificate is valid for use by a TLS /// client. /// @@ -145,7 +164,7 @@ impl<'a> EndEntityCert<'a> { &TlsClientTrustAnchors(trust_anchors): &TlsClientTrustAnchors, intermediate_certs: &[&[u8]], time: Time, - ) -> Result<(), Error> { + ) -> Result<(), ErrorExt> { verify_cert::build_chain( verify_cert::EKU_CLIENT_AUTH, supported_sig_algs, @@ -154,7 +173,6 @@ impl<'a> EndEntityCert<'a> { &self.inner, time, ) - .map_err(ErrorExt::into_error_lossy) } /// Verifies that the certificate is valid for the given DNS host name.