Struct rustls::SupportedCipherSuite [−][src]
A cipher suite supported by rustls.
All possible instances of this class are provided by the library in
the ALL_CIPHERSUITES
array.
Fields
suite: CipherSuite
The TLS enumeration naming this cipher suite.
kx: KeyExchangeAlgorithm
How to exchange/agree keys.
bulk: BulkAlgorithm
How to do bulk encryption.
hash: HashAlgorithm
How to do hashing.
sign: Option<&'static [SignatureScheme]>
How to sign messages for authentication.
This is not present for TLS1.3, because authentication is orthogonal to the ciphersuite concept there.
enc_key_len: usize
Encryption key length, for the bulk algorithm.
fixed_iv_len: usize
How long the fixed part of the ‘IV’ is.
This isn’t usually an IV, but we continue the terminology misuse to match the standard.
explicit_nonce_len: usize
This is a non-standard extension which extends the key block to provide an initial explicit nonce offset, in a deterministic and safe way. GCM needs this, chacha20poly1305 works this way by design.
Implementations
impl SupportedCipherSuite
[src]
pub fn get_hash(&self) -> &'static Algorithm
[src]
Which hash function to use with this suite.
pub fn do_client_kx(&self, kx_params: &[u8]) -> Option<KeyExchangeResult>
[src]
We have parameters and a verified public key in kx_params
.
Generate an ephemeral key, generate the shared secret, and
return it and the public half in a KeyExchangeResult
.
pub fn start_server_kx(&self, named_group: NamedGroup) -> Option<KeyExchange>
[src]
Start the KX process with the given group. This generates the server’s share, but we don’t yet have the client’s share.
pub fn resolve_sig_schemes(
&self,
offered: &[SignatureScheme]
) -> Vec<SignatureScheme>
[src]
&self,
offered: &[SignatureScheme]
) -> Vec<SignatureScheme>
Resolve the set of supported SignatureScheme
s from the
offered SupportedSignatureSchemes
. If we return an empty
set, the handshake terminates.
pub fn key_block_len(&self) -> usize
[src]
Length of key block that needs to be output by the key derivation phase for this suite.
pub fn usable_for_version(&self, version: ProtocolVersion) -> bool
[src]
Return true if this suite is usable for TLS version
.
pub fn usable_for_sigalg(&self, sigalg: SignatureAlgorithm) -> bool
[src]
Return true if this suite is usable for a key only offering sigalg
signatures. This resolves to true for all TLS1.3 suites.
pub fn can_resume_to(&self, new_suite: &SupportedCipherSuite) -> bool
[src]
Can a session using suite self resume using suite new_suite?
Trait Implementations
impl Debug for SupportedCipherSuite
[src]
impl PartialEq<SupportedCipherSuite> for SupportedCipherSuite
[src]
Auto Trait Implementations
impl RefUnwindSafe for SupportedCipherSuite
impl Send for SupportedCipherSuite
impl Sync for SupportedCipherSuite
impl Unpin for SupportedCipherSuite
impl UnwindSafe for SupportedCipherSuite
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,