Trait rustls::KeyLog
This trait represents the ability to do something useful with key material, such as logging it to a file for debugging.
Naturally, secrets passed over the interface are extremely sensitive and can break the security of past, present and future sessions.
You’ll likely want some interior mutability in your implementation to make this useful.
See KeyLogFile that implements the standard SSLKEYLOGFILE environment variable behaviour.
Required methods
fn log(&self, label: &str, client_random: &[u8], secret: &[u8])
Log the given secret. client_random is provided for session identification. label describes precisely what secret means:
- CLIENT_RANDOM: secret is the master secret for a TLSv1.2 session.
- CLIENT_EARLY_TRAFFIC_SECRET: secret encrypts early data transmitted by a client.
- SERVER_HANDSHAKE_TRAFFIC_SECRET: secret encrypts handshake messages from the server during a TLSv1.3 handshake.
- CLIENT_HANDSHAKE_TRAFFIC_SECRET: secret encrypts handshake messages from the client during a TLSv1.3 handshake.
- SERVER_TRAFFIC_SECRET_0: secret encrypts post-handshake data from the server in a TLSv1.3 session.
- CLIENT_TRAFFIC_SECRET_0: secret encrypts post-handshake data from the client in a TLSv1.3 session.
- EXPORTER_SECRET: secret is the post-handshake exporter secret in a TLSv1.3 session.
These strings are selected to match the NSS key log format: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
Provided methods
fn will_log(&self, _label: &str) -> bool
Indicates whether the secret with label label will be logged.
If will_log returns true then log will be called with the secret. Otherwise, log will not be called for the secret. This is a performance optimization.
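An added example, not rustls's own code: an in-memory logger implementing both methods, using a Mutex for the interior mutability mentioned above and writing lines in the NSS key log layout (label, hex client random, hex secret). The trait is redeclared locally from the signatures on this page so the block compiles without the crate; MemoryKeyLog, hex and demo are hypothetical names, and the random and secret bytes are constructed.

```rust
use std::sync::Mutex;

// Local copy of the signatures shown on this page, so the example builds
// without the rustls crate. With rustls, implement rustls::KeyLog instead.
pub trait KeyLog {
    fn log(&self, label: &str, client_random: &[u8], secret: &[u8]);
    fn will_log(&self, _label: &str) -> bool { true }
}

/// Hypothetical logger: holds NSS-format lines in memory. The stored lines
/// are key material and need the same protection as the secrets themselves.
pub struct MemoryKeyLog {
    allowed: Vec<&'static str>, // labels the operator explicitly opted in to
    lines: Mutex<Vec<String>>,  // interior mutability: log() only gets &self
}

fn hex(bytes: &[u8]) -> String {
    bytes.iter().map(|b| format!("{:02x}", b)).collect()
}

impl MemoryKeyLog {
    pub fn new(allowed: &[&'static str]) -> Self {
        Self { allowed: allowed.to_vec(), lines: Mutex::new(Vec::new()) }
    }
    pub fn lines(&self) -> Vec<String> { self.lines.lock().unwrap().clone() }
}

impl KeyLog for MemoryKeyLog {
    fn log(&self, label: &str, client_random: &[u8], secret: &[u8]) {
        // Re-check the filter in case a caller skips will_log().
        if !self.will_log(label) { return; }
        let line = format!("{} {} {}", label, hex(client_random), hex(secret));
        self.lines.lock().unwrap().push(line);
    }
    fn will_log(&self, label: &str) -> bool {
        self.allowed.iter().any(|l| *l == label)
    }
}

/// Calls the logger in the order described above: will_log first, then log.
pub fn demo() -> Vec<String> {
    let kl = MemoryKeyLog::new(&["CLIENT_RANDOM"]);
    let (random, secret) = ([0xabu8; 32], [0x01u8, 0x02]); // constructed values
    for label in ["CLIENT_RANDOM", "EXPORTER_SECRET"] {
        if kl.will_log(label) { kl.log(label, &random, &secret); }
    }
    kl.lines()
}

fn main() { for l in demo() { println!("{}", l); } }
```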