Module casper_node::tls[−][src]

Expand description

Transport layer security and signing based on OpenSSL.

This module wraps some of the lower-level TLS constructs to provide a reasonably safe-to-use API surface for the rest of the application. It also fixes the security parameters of the TLS level in a central place.

Features include

a fixed set of chosen encryption parameters (SIGNATURE_ALGORITHM, SIGNATURE_CURVE, SIGNATURE_DIGEST),
construction of TLS acceptors for listening TCP sockets (create_tls_acceptor),
construction of TLS connectors for outgoing TCP connections (create_tls_connector),
creation and validation of self-signed certificates (generate_node_cert),
signing and verification of arbitrary values using keys from certificates (Signature, Signed), and
serde support for certificates (x509_serde)

Structs

KeyFingerprint

Public key fingerprint.

Signed

A signed value.

TlsCert

TLS certificate.

Enums

ValidationError

Error during certificate validation.

Functions

generate_node_cert

Generates a self-signed (key, certificate) pair suitable for TLS and signing.

save_cert

Saves a certificate to a file.

save_private_key

Saves a private key to a file.