A cipher suite supported by rustls.
All possible instances of this class are provided by the library in
the ALL_CIPHERSUITES
array.
The TLS enumeration naming this cipher suite.
How to exchange/agree keys.
How to do bulk encryption.
Encryption key length, for the bulk algorithm.
How long the fixed part of the 'IV' is.
This isn't usually an IV, but we continue the
terminology misuse to match the standard.
This is a non-standard extension which extends the
key block to provide an initial explicit nonce offset,
in a deterministic and safe way. GCM needs this,
chacha20poly1305 works this way by design.
Which hash function to use with this suite.
We have parameters and a verified public key in kx_params
.
Generate an ephemeral key, generate the shared secret, and
return it and the public half in a KeyExchangeResult
.
Start the KX process with the given group. This generates
the server's share, but we don't yet have the client's share.
Resolve the set of supported SignatureScheme
s from the
offered SupportedSignatureSchemes
. If we return an empty
set, the handshake terminates.
Which AEAD algorithm to use for this suite.
Length of key block that needs to be output by the key
derivation phase for this suite.
Return true if this suite is usable for TLS version
.
Can a session using suite self resume using suite new_suite?
This method tests for self
and other
values to be equal, and is used by ==
. Read more
This method tests for !=
.
Formats the value using the given formatter. Read more
🔬 This is a nightly-only experimental API. (try_from
)
The type returned in the event of a conversion error.
🔬 This is a nightly-only experimental API. (try_from
)
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more
🔬 This is a nightly-only experimental API. (try_from
)
The type returned in the event of a conversion error.
🔬 This is a nightly-only experimental API. (try_from
)
🔬 This is a nightly-only experimental API. (get_type_id
)
this method will likely be replaced by an associated static