TlsSession

Trait TlsSession 

pub trait TlsSession {
    // Required methods
    fn peer(&self) -> Peer;
    fn protocol_version(&self) -> ProtocolVersion;
    fn update_tx_secret(&mut self) -> Result<TlsCryptoInfoTx>;
    fn update_rx_secret(&mut self) -> Result<TlsCryptoInfoRx>;
    fn handle_new_session_ticket(&mut self, _payload: &[u8]) -> Result<()>;
}

TLS session context abstraction.

The kernel only handles TLS encryption and decryption, while the TLS implementation should provide the necessary TLS session context management, including key updates and handling of NewSessionTicket messages.

Required Methods

fn peer(&self) -> Peer

Retrieves which peer this session represents (client or server).

fn protocol_version(&self) -> ProtocolVersion

Retrieves the protocol version agreed with the peer.

fn update_tx_secret(&mut self) -> Result<TlsCryptoInfoTx>

Update the traffic secret used for encrypting messages sent to the peer.

Returns the new traffic secret and initial sequence number to use.

This method is called once we send a TLS 1.3 key update message to the peer.

Errors

Various errors may be returned depending on the implementation.

fn update_rx_secret(&mut self) -> Result<TlsCryptoInfoRx>

Update the traffic secret used for decrypting messages received from the peer.

Returns the new traffic secret and initial sequence number to use.

This method is called once we receive a TLS 1.3 key update message from the peer.

Errors

Various errors may be returned depending on the implementation.

fn handle_new_session_ticket(&mut self, _payload: &[u8]) -> Result<()>

Handles a NewSessionTicket message received from the peer.

This method expects the inner payload of the handshake message, so the caller must parse the header of the handshake message to determine the correct payload to pass in. The message format is described in RFC 8446 section 4. The payload should not include the msg_type or length fields.

Errors

Various errors may be returned depending on the implementation.
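
The header parsing described above, as an added example that is not part of this crate: it strips the 1-byte msg_type and 3-byte length defined in RFC 8446 section 4 and returns only the bytes that would be passed to handle_new_session_ticket. The names split_handshake, new_session_ticket_payloads and ParseError are hypothetical, and the buffer is assumed to hold complete, already decrypted handshake messages (a message fragmented across records is reported as truncated).

```rust
/// HandshakeType value for NewSessionTicket (RFC 8446 section 4).
const NEW_SESSION_TICKET: u8 = 4;

#[derive(Debug, PartialEq)]
enum ParseError {
    /// Fewer than 4 header bytes, or a body shorter than the declared length.
    Truncated,
}

/// Splits one handshake message off the front of `buf`.
/// Returns (msg_type, payload without header, remaining bytes).
fn split_handshake(buf: &[u8]) -> Result<(u8, &[u8], &[u8]), ParseError> {
    if buf.len() < 4 {
        return Err(ParseError::Truncated);
    }
    // The length field is a big-endian uint24 following the msg_type byte.
    let len = (buf[1] as usize) << 16 | (buf[2] as usize) << 8 | buf[3] as usize;
    let body = &buf[4..];
    // Never trust the declared length beyond what was actually received.
    if body.len() < len {
        return Err(ParseError::Truncated);
    }
    let (payload, rest) = body.split_at(len);
    Ok((buf[0], payload, rest))
}

/// Walks every handshake message coalesced in `buf` and collects the inner
/// payloads of the NewSessionTicket messages; other types are skipped.
fn new_session_ticket_payloads(mut buf: &[u8]) -> Result<Vec<&[u8]>, ParseError> {
    let mut out = Vec::new();
    while !buf.is_empty() {
        let (msg_type, payload, rest) = split_handshake(buf)?;
        if msg_type == NEW_SESSION_TICKET {
            out.push(payload);
        }
        buf = rest;
    }
    Ok(out)
}

fn main() {
    // Constructed sample: a NewSessionTicket header with a 3-byte placeholder
    // body (not a valid ticket), followed by a KeyUpdate message (type 24).
    let record = [4u8, 0, 0, 3, 0xaa, 0xbb, 0xcc, 24, 0, 0, 1, 0];
    for payload in new_session_ticket_payloads(&record).unwrap() {
        // `payload` is what an implementation of this trait would receive.
        println!("NewSessionTicket payload: {:02x?}", payload);
    }
}
```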

Implementations on Foreign Types

impl TlsSession for KernelConnection<ClientConnectionData>

Available on crate feature shim-rustls only.

impl TlsSession for KernelConnection<ServerConnectionData>

Available on crate feature shim-rustls only.
