Struct bearssl::br_ssl_server_choices

#[repr(C)]
pub struct br_ssl_server_choices {
    pub cipher_suite: u16,
    pub algo_id: c_uint,
    pub chain: *const br_x509_certificate,
    pub chain_len: usize,
}

\brief Type for the server policy choices, taken after analysis of the client message (ClientHello).

Fields

cipher_suite: u16

\brief Cipher suite to use with that client.

algo_id: c_uint

\brief Hash function or algorithm for signing the ServerKeyExchange.

This parameter is ignored for TLS_RSA_* and TLS_ECDH_* cipher suites; it is used only for TLS_ECDHE_* suites, in which the server signs the ephemeral EC Diffie-Hellman parameters sent to the client.

This identifier must be one of the following values:

• 0xFF00 + id, where id is a hash function identifier (0 for MD5+SHA-1, or 2 to 6 for one of the SHA functions);

• a full 16-bit identifier, lower than 0xFF00.

If the first option is used, then the SSL engine will compute the hash of the data that is to be signed, with the designated hash function. The do_sign() method will be invoked with that hash value provided in the the data buffer.

If the second option is used, then the SSL engine will NOT compute a hash on the data; instead, it will provide the to-be-signed data itself in data, i.e. the concatenation of the client random, server random, and encoded ECDH parameters. Furthermore, with TLS-1.2 and later, the 16-bit identifier will be used "as is" in the protocol, in the SignatureAndHashAlgorithm; for instance, 0x0401 stands for RSA PKCS#1 v1.5 signature (the 01) with SHA-256 as hash function (the 04).

Take care that with TLS 1.0 and 1.1, the hash function is constrainted by the protocol: RSA signature must use MD5+SHA-1 (so use 0xFF00), while ECDSA must use SHA-1 (0xFF02). Since TLS 1.0 and 1.1 don't include a SignatureAndHashAlgorithm field in their ServerKeyExchange messages, any value below 0xFF00 will be usable to send the raw ServerKeyExchange data to the do_sign() callback, but that callback must still follow the protocol requirements when generating the signature.

chain: *const br_x509_certificate

\brief Certificate chain to send to the client.

This is an array of br_x509_certificate objects, each normally containing a DER-encoded certificate. The server code does not try to decode these elements.

chain_len: usize

\brief Certificate chain length (number of certificates).

Trait Implementations

impl Debug for br_ssl_server_choices

fn fmt(&self, __arg_0: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Copy for br_ssl_server_choices

impl Clone for br_ssl_server_choices

fn clone(&self) -> br_ssl_server_choices

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.