Trait embedded_tls::blocking::TlsVerifier
source · pub trait TlsVerifier<'a, CipherSuite>where
CipherSuite: TlsCipherSuite,{
// Required methods
fn new(host: Option<&'a str>) -> Self;
fn verify_certificate(
&mut self,
transcript: &CipherSuite::Hash,
ca: &Option<Certificate<'_>>,
cert: CertificateRef<'_>
) -> Result<(), TlsError>;
fn verify_signature(
&mut self,
verify: CertificateVerify<'_>
) -> Result<(), TlsError>;
}
Expand description
A TLS 1.3 verifier.
The verifier is responsible for verifying certificates and signatures. Since certificate verification is an expensive process, this trait allows clients to choose how much verification should take place, and also to skip the verification if the server is verified through other means (I.e. a pre-shared key).
Required Methods§
sourcefn new(host: Option<&'a str>) -> Self
fn new(host: Option<&'a str>) -> Self
Create a new verification instance.
This method is called for every TLS handshake.
Host verification is enabled by passing a server hostname.
sourcefn verify_certificate(
&mut self,
transcript: &CipherSuite::Hash,
ca: &Option<Certificate<'_>>,
cert: CertificateRef<'_>
) -> Result<(), TlsError>
fn verify_certificate( &mut self, transcript: &CipherSuite::Hash, ca: &Option<Certificate<'_>>, cert: CertificateRef<'_> ) -> Result<(), TlsError>
Verify a certificate.
The handshake transcript up to this point and the server certificate is provided for the implementation to use.
sourcefn verify_signature(
&mut self,
verify: CertificateVerify<'_>
) -> Result<(), TlsError>
fn verify_signature( &mut self, verify: CertificateVerify<'_> ) -> Result<(), TlsError>
Verify the certificate signature.
The signature verification uses the transcript and certificate provided earlier to decode the provided signature.
Object Safety§
This trait is not object safe.