Struct bearssl::br_ssl_client_certificate

#[repr(C)]
pub struct br_ssl_client_certificate {
    pub auth_type: c_int,
    pub hash_id: c_int,
    pub chain: *const br_x509_certificate,
    pub chain_len: usize,
}

\brief Type for the client certificate, if requested by the server.

Fields

auth_type: c_int

\brief Authentication type.

This is either BR_AUTH_RSA (RSA signature), BR_AUTH_ECDSA (ECDSA signature), or BR_AUTH_ECDH (static ECDH key exchange).

hash_id: c_int

\brief Hash function for computing the CertificateVerify.

This is the symbolic identifier for the hash function that will be used to produce the hash of handshake messages, to be signed into the CertificateVerify. For full static ECDH (client and server certificates are both EC in the same curve, and static ECDH is used), this value is set to -1.

Take care that with TLS 1.0 and 1.1, that value MUST match the protocol requirements: value must be 0 (MD5+SHA-1) for a RSA signature, or 2 (SHA-1) for an ECDSA signature. Only TLS 1.2 allows for other hash functions.

chain: *const br_x509_certificate

\brief Certificate chain to send to the server.

This is an array of br_x509_certificate objects, each normally containing a DER-encoded certificate. The client code does not try to decode these elements. If there is no chain to send to the server, then this pointer shall be set to NULL.

chain_len: usize

\brief Certificate chain length (number of certificates).

If there is no chain to send to the server, then this value shall be set to 0.

Trait Implementations

impl Debug for br_ssl_client_certificate

fn fmt(&self, __arg_0: &mut Formatter) -> Result

Formats the value using the given formatter.

impl Copy for br_ssl_client_certificate

impl Clone for br_ssl_client_certificate

fn clone(&self) -> br_ssl_client_certificate

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.