pub trait ClientCredentialResolver:
Debug
+ Send
+ Sync {
// Required methods
fn resolve(
&self,
request: &CredentialRequest<'_>,
) -> Option<SelectedCredential>;
fn supported_certificate_types(&self) -> &'static [CertificateType];
fn hash_config(&self, h: &mut dyn Hasher);
}Expand description
A trait for the ability to choose a certificate chain and private key for the purposes of client authentication.
Required Methods§
Sourcefn resolve(&self, request: &CredentialRequest<'_>) -> Option<SelectedCredential>
fn resolve(&self, request: &CredentialRequest<'_>) -> Option<SelectedCredential>
Resolve a client certificate chain/private key to use as the client’s identity.
The SelectedCredential returned from this method contains an identity and a
one-time-use Signer wrapping the private key. This is usually obtained via a
Credentials, on which an implementation can call Credentials::signer().
An implementation can either store long-lived Credentials values, or instantiate
them as needed using one of its constructors.
Return None to continue the handshake without any client
authentication. The server may reject the handshake later
if it requires authentication.
Sourcefn supported_certificate_types(&self) -> &'static [CertificateType]
fn supported_certificate_types(&self) -> &'static [CertificateType]
Returns which CertificateTypes this resolver supports.
Should return the empty slice if the resolver does not have any credentials to send. Implementations should return the same value every time.
See RFC 7250 for more information.
Sourcefn hash_config(&self, h: &mut dyn Hasher)
fn hash_config(&self, h: &mut dyn Hasher)
Instance configuration should be input to h.