1use crate::sign;
2
3use pki_types::CertificateDer;
4
5/// ActiveCertifiedKey wraps [`sign::CertifiedKey`] and tracks OSCP state in a single handshake.
6pub(super) struct ActiveCertifiedKey<'a> {
7 key: &'a sign::CertifiedKey,
8 ocsp: Option<&'a [u8]>,
9}
10
11impl<'a> ActiveCertifiedKey<'a> {
12 pub(super) fn from_certified_key(key: &sign::CertifiedKey) -> ActiveCertifiedKey {
13 ActiveCertifiedKey {
14 key,
15 ocsp: key.ocsp.as_deref(),
16 }
17 }
18
19 /// Get the certificate chain
20 #[inline]
21 pub(super) fn get_cert(&self) -> &[CertificateDer<'static>] {
22 &self.key.cert
23 }
24
25 /// Get the signing key
26 #[inline]
27 pub(super) fn get_key(&self) -> &dyn sign::SigningKey {
28 &*self.key.key
29 }
30
31 #[inline]
32 pub(super) fn get_ocsp(&self) -> Option<&[u8]> {
33 self.ocsp
34 }
35}
36