Crypto provider interface.
Modules
- aws_lc_rs (feature: aws-lc-rs)
- aws-lc-rs-based CryptoProvider.
- cipher
- TLS message encryption/decryption interfaces.
- hash
- Hashing interfaces.
- hmac
- HMAC interfaces.
- hpke
- Hybrid public key encryption (RFC 9180).
- kx
- Key exchange interfaces.
- tls12
- Cryptography specific to TLS1.2.
- tls13
- Cryptography specific to TLS1.3.
Structs
- CertificateIdentity
- Data required to verify the peer’s identity.
- CipherSuiteCommon
- Common state for cipher suites (both for TLS 1.2 and TLS 1.3)
- Credentials
- A packaged-together certificate chain, matching SigningKey and optional stapled OCSP response.
- CryptoProvider
- Controls core cryptography used by rustls.
- GetRandomFailed
- Random material generation failed.
- SelectedCredential
- A packaged-together certificate chain and one-time-use signer.
- SingleCredential
- Server certificate resolver which always resolves to the same identity and key.
- WebPkiSupportedAlgorithms
- Describes which webpki signature verification algorithms are supported and how they map to TLS SignatureSchemes.
Enums
- CipherSuite
- The CipherSuite TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognized ordinals.
- HashAlgorithm
- The HashAlgorithm TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognized ordinals.
- Identity
- A peer’s identity, depending on the negotiated certificate type.
- InconsistentKeys
- Specific failure cases from Credentials::new() or a crate::crypto::SigningKey that cannot produce a corresponding public key.
- SignatureAlgorithm
- The SignatureAlgorithm TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognized ordinals.
- SignatureScheme
- The SignatureScheme TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognized ordinals.
Traits
- KeyProvider
- A mechanism for loading private SigningKeys from [PrivateKeyDer].
- SecureRandom
- A source of cryptographically secure randomness.
- Signer
- A thing that can sign a message.
- SigningKey
- An abstract signing key.
- TicketProducer
- A trait for the ability to encrypt and decrypt tickets.
- TicketerFactory
- A factory that builds TicketProducers.
Functions
- default_fips_provider (feature: fips)
- This function returns a CryptoProvider that uses FIPS140-3-approved cryptography.
- public_key_to_spki
- Convert a public key and algorithm identifier into [SubjectPublicKeyInfoDer].
- verify_tls12_signature
- Verify a message signature using the cert public key and any supported scheme.
- verify_tls13_signature
- Verify a message signature using the cert public key and the first TLS 1.3 compatible supported scheme.