pub fn custom_symcrypt_provider(
provided_cipher_suites: Option<Vec<SupportedCipherSuite>>,
provided_kx_group: Option<Vec<&'static dyn SupportedKxGroup>>,
) -> CryptoProviderExpand description
custom_symcrypt_provider provides a way to set up an custom config using a symcrypt crypto backend.
provided_cipher_suites takes in an optional Vec<> of SupportedCipherSuites.
The supplied arguments for provided_cipher_suite will be used when when negotiating the TLS cipher suite;
and should be placed in preference order, where the first element has highest priority.
If None or an empty Vec<> is provided the DEFAULT_CIPHER_SUITES will be used instead.
provided_kx_group takes in an optional Vec<> of SupportedKxGroup
The supplied arguments for provided_kx_group will be used when when negotiating the TLS key exchange;
and should be placed in preference order, where the first element has highest priority.
If None or an empty Vec<> is provided the default will be used instead.
This call cannot fail.
Sample usage:
use rustls::{ClientConfig, RootCertStore};
use rustls_symcrypt::{custom_symcrypt_provider, TLS13_AES_128_GCM_SHA256, SECP256R1};
use std::sync::Arc;
use webpki_roots;
let mut root_store = RootCertStore {
roots: webpki_roots::TLS_SERVER_ROOTS.iter().cloned().collect(),
};
// Set custom config of cipher suites that have been imported from rustls_symcrypt.
let cipher_suites = vec![TLS13_AES_128_GCM_SHA256];
let kx_group = vec![SECP256R1];
let mut config =
ClientConfig::builder_with_provider(Arc::new(custom_symcrypt_provider(
Some(cipher_suites), Some(kx_group))))
.with_safe_default_protocol_versions()
.unwrap()
.with_root_certificates(root_store)
.with_no_client_auth();
// Rest of the connection setup