srt_protocol::options

Struct Encryption

Source 
pub struct Encryption {
    pub key_size: KeySize,
    pub passphrase: Option<Passphrase>,
    pub km_refresh: KeyMaterialRefresh,
}

Fields§

§key_size: KeySize

SRTO_PBKEYLEN

Encryption key length.

Possible values:

0 = PBKEYLEN (default value) 16 = AES-128 (effective value) 24 = AES-192 32 = AES-256

The use is slightly different in 1.2.0 (HSv4), and since 1.3.0 (HSv5):

HSv4: This is set on the sender and enables encryption, if not 0. The receiver shall not set it and will agree on the length as defined by the sender.

HSv5: The “default value” for PBKEYLEN is 0, which means that the PBKEYLEN won’t be advertised. The “effective value” for PBKEYLEN is 16, but this applies only when neither party has set the value explicitly (i.e. when both are initially at the default value of 0). If any party has set an explicit value (16, 24, 32) it will be advertised in the handshake. If the other party remains at the default 0, it will accept the peer’s value. The situation where both parties set a value should be treated carefully. Actually there are three intended methods of defining it, and all other uses are considered undefined behavior:

Unidirectional: the sender shall set PBKEYLEN and the receiver shall not alter the default value 0. The effective PBKEYLEN will be the one set on the sender. The receiver need not know the sender’s PBKEYLEN, just the passphrase, PBKEYLEN will be correctly passed.

Bidirectional in Caller-Listener arrangement: it is recommended to use a rule whereby you will be setting the PBKEYLEN exclusively either on the Listener or on the Caller. The value set on the Listener will win, if set on both parties.

Bidirectional in Rendezvous arrangement: you have to know the passphrases for both parties, as well as PBKEYLEN. Set PBKEYLEN to the same value on both parties (or leave the default value on both parties, which will result in 16)

Unwanted behavior cases: if both parties set PBKEYLEN and the value on both sides is different, the effective PBKEYLEN will be the one that is set on the Responder party, which may also override the PBKEYLEN 32 set by the sender to value 16 if such value was used by the receiver. The Responder party is the Listener in a Caller-Listener arrangement. In Rendezvous it’s a matter of luck which party becomes the Responder.

§passphrase: Option<Passphrase>

SRTO_PASSPHRASE Sets the passphrase for encryption. This enables encryption on this party (or disables it, if an empty passphrase is passed). The password must be minimum 10 and maximum 79 characters long.

The passphrase is the shared secret between the sender and the receiver. It is used to generate the Key Encrypting Key using PBKDF2 (Password-Based Key Derivation Function 2).

When a socket with configured passphrase is being connected, the peer must have the same password set, or the connection is rejected. This behavior can be changed by SRTO_ENFORCEDENCRYPTION.

Note that since the introduction of bidirectional support, there’s only one initial encryption key to encrypt the stream (new keys after refreshing will be updated independently), and there’s no distinction between “service party that defines the password” and “client party that is required to set matching password” - both parties are equivalent, and in order to have a working encrypted connection, they have to simply set the same passphrase.

§km_refresh: KeyMaterialRefresh

Trait Implementations§

Source§

impl Clone for Encryption

Source§

fn clone(&self) -> Encryption

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Encryption

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for Encryption

Source§

fn default() -> Encryption

Returns the “default value” for a type. Read more
Source§

impl OptionsOf<Encryption> for CallerOptions

Source§

fn set_options(&mut self, value: Encryption)

Source§

impl OptionsOf<Encryption> for ListenerOptions

Source§

fn set_options(&mut self, value: Encryption)

Source§

impl OptionsOf<Encryption> for RendezvousOptions

Source§

fn set_options(&mut self, value: Encryption)

Source§

impl OptionsOf<Encryption> for SocketOptions

Source§

fn set_options(&mut self, value: Encryption)

Source§

impl PartialEq for Encryption

Source§

fn eq(&self, other: &Encryption) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Validation for Encryption

Source§

type Error = OptionsError

Source§

fn is_valid(&self) -> Result<(), Self::Error>

Source§

fn try_validate(self) -> Result<Valid<Self>, Self::Error>

Source§

impl Eq for Encryption

Source§

impl StructuralPartialEq for Encryption

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> ErasedDestructor for T
where T: 'static,