pub fn default_symcrypt_provider_arc() -> Arc<CryptoProvider>Expand description
Returns a process-cached Arc<CryptoProvider> for callers that want
session-/connection-/test-scoped sharing without paying for repeated
Vec<SupportedCipherSuite> and Vec<&dyn SupportedKxGroup> allocations
on every call to default_symcrypt_provider.
Initialized lazily on the first call; subsequent calls are an
Arc::clone (atomic refcount bump, no heap allocation).
Prefer this over Arc::new(default_symcrypt_provider()) in any code
path that may run more than once per process — TLS integration tests,
per-connection setup, multi-config harnesses, etc.
use rustls::{ClientConfig, RootCertStore};
use rustls_symcrypt::default_symcrypt_provider_arc;
use webpki_roots;
let mut root_store = RootCertStore {
roots: webpki_roots::TLS_SERVER_ROOTS.iter().cloned().collect(),
};
let provider = default_symcrypt_provider_arc();
let mut config = ClientConfig::builder_with_provider(provider)
.with_safe_default_protocol_versions()
.unwrap()
.with_root_certificates(root_store)
.with_no_client_auth();