Module rustls
Re-export of the rustls and tokio-rustls crates, to facilitate the use of rustls types in APIs such as TlsAcceptorLayer.
Modules§
- client
- Re-export of client module of the rustls and tokio-rustls crates.
- compress
- Certificate compression and decompression support
- crypto
- Crypto provider interface.
- ffdhe_groups
- This module contains parameters for FFDHE named groups as defined in RFC 7919 Appendix A.
- kernel
- Kernel connection API.
- lock
- APIs abstracting over locking primitives.
- manual
- This is the rustls manual.
- pki_types
- Re-exports the contents of the rustls-pki-types crate for easy access
- quic
- APIs for implementing QUIC TLS
- server
- Re-export of server module of the rustls and tokio-rustls crates.
- sign
- Message signing interfaces.
- ticketer
- APIs for implementing TLS tickets
- time_provider
- The library’s source of time.
- unbuffered
- Unbuffered connection API
- version
- All defined protocol versions appear in this module.
Structs§
- CipherSuiteCommon
- Common state for cipher suites (both for TLS 1.2 and TLS 1.3)
- ClientConfig
- Common configuration for (typically) all connections made by a program.
- ClientConnection
- This represents a single TLS client connection.
- CommonState
- Connection state common to both client and server connections.
- ConfigBuilder
- A builder for ServerConfig or ClientConfig values.
- ConnectionCommon
- Interface shared by client and server connections.
- DigitallySignedStruct
- This type combines a SignatureScheme and a signature payload produced with that scheme.
- DistinguishedName
- A DistinguishedName is a Vec<u8> wrapped in internal types.
- ExtractedSecrets
- Secrets for transmitting/receiving data over a TLS session.
- IoState
- Values of this structure are returned from Connection::process_new_packets and tell the caller the current I/O state of the TLS connection.
- KeyLogFile
- KeyLog implementation that opens a file whose name is given by the SSLKEYLOGFILE environment variable, and writes keys into it.
- NoKeyLog
- KeyLog that does exactly nothing.
- OtherError
- Any other error that cannot be expressed by a more specific Error variant.
- Reader
- A structure that implements std::io::Read for reading plaintext.
- RootCertStore
- A container for root certificates able to provide a root-of-trust for connection authentication.
- ServerConfig
- Common configuration for a set of server sessions.
- ServerConnection
- This represents a single TLS server connection.
- Stream
- This type implements io::Read and io::Write, encapsulating a Connection C and an underlying transport T, such as a socket.
- StreamOwned
- This type implements io::Read and io::Write, encapsulating and owning a Connection C and an underlying blocking transport T, such as a socket.
- SupportedProtocolVersion
- A TLS protocol version supported by rustls.
- TicketRotator
- A ticketer that has a ‘current’ sub-ticketer and a single ‘previous’ ticketer. It creates a new ticketer every so often, demoting the current ticketer.
- TicketSwitcher
- A ticketer that has a ‘current’ sub-ticketer and a single ‘previous’ ticketer. It creates a new ticketer every so often, demoting the current ticketer.
- Tls12CipherSuite
- A TLS 1.2 cipher suite supported by rustls.
- Tls13CipherSuite
- A TLS 1.3 cipher suite supported by rustls.
- WantsVerifier
- Config builder state where the caller must supply a verifier.
- WantsVersions
- Config builder state where the caller must supply TLS protocol versions.
- Writer
- A structure that implements std::io::Write for writing plaintext.
Enums§
- AlertDescription
- The AlertDescription TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- CertRevocationListError
- The ways in which a certificate revocation list (CRL) can be invalid.
- CertificateCompressionAlgorithm
- The “TLS Certificate Compression Algorithm IDs” TLS protocol enum. Values in this enum are taken from RFC8879.
- CertificateError
- The ways in which certificate validators can express errors.
- CipherSuite
- The CipherSuite TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- Connection
- A client or server connection.
- ConnectionTrafficSecrets
- Secrets used to encrypt/decrypt data in a TLS session.
- ContentType
- The ContentType TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- EncryptedClientHelloError
- An error that occurred while handling Encrypted Client Hello (ECH).
- Error
- rustls reports protocol errors using this type.
- ExtendedKeyPurpose
- Extended Key Usage (EKU) purpose values.
- HandshakeKind
- Describes which sort of handshake happened.
- HandshakeType
- The HandshakeType TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- InconsistentKeys
- Specific failure cases from keys_match or a crate::crypto::signer::SigningKey that cannot produce a corresponding public key.
- InvalidMessage
- A corrupt TLS message payload that resulted in an error.
- NamedGroup
- The NamedGroup TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- PeerIncompatible
- The set of cases where we failed to make a connection because a peer doesn’t support a TLS version/feature we require.
- PeerMisbehaved
- The set of cases where we failed to make a connection because we thought the peer was misbehaving.
- ProtocolVersion
- The ProtocolVersion TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- Side
- Side of the connection.
- SignatureAlgorithm
- The SignatureAlgorithm TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- SignatureScheme
- The SignatureScheme TLS protocol enum. Values in this enum are taken from the various RFCs covering TLS, and are listed by IANA. The Unknown item is used when processing unrecognised ordinals.
- SupportedCipherSuite
- A cipher suite supported by rustls.
Statics§
- ALL_VERSIONS
- A list of all the protocol versions supported by rustls.
- DEFAULT_VERSIONS
- The version configuration that an application should use by default.
Traits§
- ConfigSide
- Helper trait to abstract ConfigBuilder over building a ClientConfig or ServerConfig.
- KeyLog
- This trait represents the ability to do something useful with key material, such as logging it to a file for debugging.
- SideData
- Data specific to the peer’s side (client or server).