Struct rustls::SupportedCipherSuite [−][src]
pub struct SupportedCipherSuite { pub suite: CipherSuite, pub kx: KeyExchangeAlgorithm, pub bulk: BulkAlgorithm, pub hash: HashAlgorithm, pub sign: SignatureAlgorithm, pub enc_key_len: usize, pub fixed_iv_len: usize, pub explicit_nonce_len: usize, // some fields omitted }
Expand description
A cipher suite supported by rustls.
All possible instances of this class are provided by the library in
the ALL_CIPHERSUITES
array.
Fields
suite: CipherSuite
The TLS enumeration naming this cipher suite.
kx: KeyExchangeAlgorithm
How to exchange/agree keys.
bulk: BulkAlgorithm
How to do bulk encryption.
hash: HashAlgorithm
How to do hashing.
sign: SignatureAlgorithm
How to sign messages.
enc_key_len: usize
Encryption key length, for the bulk algorithm.
fixed_iv_len: usize
How long the fixed part of the ‘IV’ is.
This isn’t usually an IV, but we continue the terminology misuse to match the standard.
explicit_nonce_len: usize
This is a non-standard extension which extends the key block to provide an initial explicit nonce offset, in a deterministic and safe way. GCM needs this, chacha20poly1305 works this way by design.
Implementations
impl SupportedCipherSuite
[src]
impl SupportedCipherSuite
[src]pub fn do_client_kx(&self, kx_params: &[u8]) -> Option<KeyExchangeResult>
[src]
pub fn do_client_kx(&self, kx_params: &[u8]) -> Option<KeyExchangeResult>
[src]We have parameters and a verified public key in kx_params
.
Generate an ephemeral key, generate the shared secret, and
return it and the public half in a KeyExchangeResult
.
pub fn start_server_kx(&self, named_group: NamedGroup) -> Option<KeyExchange>
[src]
pub fn start_server_kx(&self, named_group: NamedGroup) -> Option<KeyExchange>
[src]Start the KX process with the given group. This generates the server’s share, but we don’t yet have the client’s share.
pub fn resolve_sig_schemes(
&self,
offered: &[SignatureScheme]
) -> Vec<SignatureScheme>
[src]
pub fn resolve_sig_schemes(
&self,
offered: &[SignatureScheme]
) -> Vec<SignatureScheme>
[src]Resolve the set of supported SignatureScheme
s from the
offered SupportedSignatureSchemes
. If we return an empty
set, the handshake terminates.
pub fn get_aead_alg(&self) -> &'static Algorithm
[src]
pub fn get_aead_alg(&self) -> &'static Algorithm
[src]Which AEAD algorithm to use for this suite.
pub fn key_block_len(&self) -> usize
[src]
pub fn key_block_len(&self) -> usize
[src]Length of key block that needs to be output by the key derivation phase for this suite.
pub fn usable_for_version(&self, version: ProtocolVersion) -> bool
[src]
pub fn usable_for_version(&self, version: ProtocolVersion) -> bool
[src]Return true if this suite is usable for TLS version
.
pub fn can_resume_to(&self, new_suite: &SupportedCipherSuite) -> bool
[src]
pub fn can_resume_to(&self, new_suite: &SupportedCipherSuite) -> bool
[src]Can a session using suite self resume using suite new_suite?
Trait Implementations
impl Debug for SupportedCipherSuite
[src]
impl Debug for SupportedCipherSuite
[src]