Expand description
§rustls-cng-crypto
A rustls crypto provider for Windows that uses CNG for crypto.
§Supported Ciphers
Supported cipher suites are listed below, in descending order of preference.
If the tls12 feature is disabled then the TLS 1.2 cipher suites will not be available.
§TLS 1.3
TLS13_AES_256_GCM_SHA384TLS13_AES_128_GCM_SHA256TLS13_CHACHA20_POLY1305_SHA256
§TLS 1.2
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
§Supported Key Exchanges
In descending order of preference:
- X25519
- SECP256R1
- SECP384R1
§Usage
Add rustls-cng-crypto to your Cargo.toml:
[dependencies]
rustls = { version = "0.23.0", features = ["tls12", "std"], default-features = false }
rustls_cng_crypto = "0.1.0"§Configuration
Use default_provider() to create a provider using cipher suites and key exchange groups listed above.
Use custom_provider() to specify custom cipher suites and key exchange groups.
§Features
tls12: Enables TLS 1.2 cipher suites. Enabled by default.
Modules§
- Supported cipher suites.
- Supported key exchange groups.
Structs§
- A struct that implements
rustls::crypto::KeyProvider. - A struct that implements
rustls::crypto::SecureRandomusing CNG. - A handle that, when dropped, will free all algorithm providers initialized by this crate.
Constants§
Statics§
- All supported cipher suites in descending order of preference:
- A
WebPkiSupportedAlgorithmsvalue defining the supported signature algorithms.
Functions§
- Create a
CryptoProviderwith specific cipher suites and key exchange groups - Returns a CNG-based
CryptoProviderusing all available cipher suites (ALL_CIPHER_SUITES) and key exchange groups (ALL_KX_GROUPS).