[][src]Struct rustls::SupportedCipherSuite

pub struct SupportedCipherSuite {
    pub suite: CipherSuite,
    pub kx: KeyExchangeAlgorithm,
    pub bulk: BulkAlgorithm,
    pub hash: HashAlgorithm,
    pub sign: SignatureAlgorithm,
    pub enc_key_len: usize,
    pub fixed_iv_len: usize,
    pub explicit_nonce_len: usize,
}

A cipher suite supported by rustls.

All possible instances of this class are provided by the library in the ALL_CIPHERSUITES array.

Fields

suite: CipherSuite

The TLS enumeration naming this cipher suite.

kx: KeyExchangeAlgorithm

How to exchange/agree keys.

bulk: BulkAlgorithm

How to do bulk encryption.

hash: HashAlgorithm

How to do hashing.

sign: SignatureAlgorithm

How to sign messages.

enc_key_len: usize

Encryption key length, for the bulk algorithm.

fixed_iv_len: usize

How long the fixed part of the 'IV' is.

This isn't usually an IV, but we continue the terminology misuse to match the standard.

explicit_nonce_len: usize

This is a non-standard extension which extends the key block to provide an initial explicit nonce offset, in a deterministic and safe way. GCM needs this, chacha20poly1305 works this way by design.

Methods

impl SupportedCipherSuite
[src]

pub fn get_hash(&self) -> &'static Algorithm
[src]

Which hash function to use with this suite.

pub fn do_client_kx(&self, kx_params: &[u8]) -> Option<KeyExchangeResult>
[src]

We have parameters and a verified public key in kx_params. Generate an ephemeral key, generate the shared secret, and return it and the public half in a KeyExchangeResult.

pub fn start_server_kx(&self, named_group: NamedGroup) -> Option<KeyExchange>
[src]

Start the KX process with the given group. This generates the server's share, but we don't yet have the client's share.

pub fn resolve_sig_schemes(
    &self,
    offered: &[SignatureScheme]
) -> Vec<SignatureScheme>
[src]

Resolve the set of supported SignatureSchemes from the offered SupportedSignatureSchemes. If we return an empty set, the handshake terminates.

pub fn get_aead_alg(&self) -> &'static Algorithm
[src]

Which AEAD algorithm to use for this suite.

pub fn key_block_len(&self) -> usize
[src]

Length of key block that needs to be output by the key derivation phase for this suite.

pub fn usable_for_version(&self, version: ProtocolVersion) -> bool
[src]

Return true if this suite is usable for TLS version.

pub fn can_resume_to(&self, new_suite: &SupportedCipherSuite) -> bool
[src]

Can a session using suite self resume using suite new_suite?

Trait Implementations

impl PartialEq<SupportedCipherSuite> for SupportedCipherSuite
[src]

#[must_use]
fn ne(&self, other: &Rhs) -> bool
1.0.0
[src]

This method tests for !=.

impl Debug for SupportedCipherSuite
[src]

Auto Trait Implementations

Blanket Implementations

impl<T> From for T
[src]

impl<T, U> Into for T where
    U: From<T>, 
[src]

impl<T, U> TryFrom for T where
    T: From<U>, 
[src]

type Error = !

🔬 This is a nightly-only experimental API. (try_from)

The type returned in the event of a conversion error.

impl<T> Borrow for T where
    T: ?Sized
[src]

impl<T> BorrowMut for T where
    T: ?Sized
[src]

impl<T, U> TryInto for T where
    U: TryFrom<T>, 
[src]

type Error = <U as TryFrom<T>>::Error

🔬 This is a nightly-only experimental API. (try_from)

The type returned in the event of a conversion error.

impl<T> Any for T where
    T: 'static + ?Sized
[src]