Struct ClientExtensions 

#[non_exhaustive]
pub(crate) struct ClientExtensions<'a> {

    pub(crate) server_name: Option<ServerNamePayload<'a>>,
    pub(crate) certificate_status_request: Option<CertificateStatusRequest>,
    pub(crate) named_groups: Option<Vec<NamedGroup>>,
    pub(crate) ec_point_formats: Option<SupportedEcPointFormats>,
    pub(crate) signature_schemes: Option<Vec<SignatureScheme>>,
    pub(crate) protocols: Option<Vec<ProtocolName>>,
    pub(crate) client_certificate_types: Option<Vec<CertificateType>>,
    pub(crate) server_certificate_types: Option<Vec<CertificateType>>,
    pub(crate) extended_master_secret_request: Option<()>,
    pub(crate) certificate_compression_algorithms: Option<Vec<CertificateCompressionAlgorithm>>,
    pub(crate) session_ticket: Option<ClientSessionTicket>,
    pub(crate) preshared_key_offer: Option<PresharedKeyOffer>,
    pub(crate) early_data_request: Option<()>,
    pub(crate) supported_versions: Option<SupportedProtocolVersions>,
    pub(crate) cookie: Option<PayloadU16<NonEmpty>>,
    pub(crate) preshared_key_modes: Option<PskKeyExchangeModes>,
    pub(crate) certificate_authority_names: Option<Vec<DistinguishedName>>,
    pub(crate) key_shares: Option<Vec<KeyShareEntry>>,
    pub(crate) transport_parameters: Option<Payload<'a>>,
    pub(crate) renegotiation_info: Option<PayloadU8>,
    pub(crate) transport_parameters_draft: Option<Payload<'a>>,
    pub(crate) encrypted_client_hello: Option<EncryptedClientHello>,
    pub(crate) encrypted_client_hello_outer: Option<Vec<ExtensionType>>,
    pub(crate) order_seed: u16,
    pub(crate) contiguous_extensions: Vec<ExtensionType>,
}

A representation of extensions present in a ClientHello message

All extensions are optional (by definition) so are represented with Option<T>.

Some extensions have an empty value and are represented with Option<()>.

Unknown extensions are dropped during parsing.

Fields (Non-exhaustive)

Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

server_name: Option<ServerNamePayload<'a>>

Requested server name indication (RFC6066)

certificate_status_request: Option<CertificateStatusRequest>

Certificate status is requested (RFC6066)

named_groups: Option<Vec<NamedGroup>>

Supported groups (RFC4492/RFC8446)

ec_point_formats: Option<SupportedEcPointFormats>

Supported EC point formats (RFC4492)

signature_schemes: Option<Vec<SignatureScheme>>

Supported signature schemes (RFC5246/RFC8446)

protocols: Option<Vec<ProtocolName>>

Offered ALPN protocols (RFC6066)

client_certificate_types: Option<Vec<CertificateType>>

Available client certificate types (RFC7250)

server_certificate_types: Option<Vec<CertificateType>>

Acceptable server certificate types (RFC7250)

extended_master_secret_request: Option<()>

Extended master secret is requested (RFC7627)

certificate_compression_algorithms: Option<Vec<CertificateCompressionAlgorithm>>

Offered certificate compression methods (RFC8879)

session_ticket: Option<ClientSessionTicket>

Session ticket offer or request (RFC5077/RFC8446)

preshared_key_offer: Option<PresharedKeyOffer>

Offered preshared keys (RFC8446)

early_data_request: Option<()>

Early data is requested (RFC8446)

supported_versions: Option<SupportedProtocolVersions>

Supported TLS versions (RFC8446)

cookie: Option<PayloadU16<NonEmpty>>

Stateless HelloRetryRequest cookie (RFC8446)

preshared_key_modes: Option<PskKeyExchangeModes>

Offered preshared key modes (RFC8446)

certificate_authority_names: Option<Vec<DistinguishedName>>

Certificate authority names (RFC8446)

key_shares: Option<Vec<KeyShareEntry>>

Offered key exchange shares (RFC8446)

transport_parameters: Option<Payload<'a>>

QUIC transport parameters (RFC9001)

renegotiation_info: Option<PayloadU8>

Secure renegotiation (RFC5746)

transport_parameters_draft: Option<Payload<'a>>

QUIC transport parameters (RFC9001 prior to draft 33)

encrypted_client_hello: Option<EncryptedClientHello>

Encrypted inner client hello (draft-ietf-tls-esni)

encrypted_client_hello_outer: Option<Vec<ExtensionType>>

Encrypted client hello outer extensions (draft-ietf-tls-esni)

order_seed: u16

Order randomization seed.

contiguous_extensions: Vec<ExtensionType>

Extensions that must appear contiguously.

Implementations

impl<'a> ClientExtensions<'a>

const ALL_EXTENSIONS: &'static [ExtensionType]

Every ExtensionType this structure may encode/decode.

fn read_one( &mut self, r: &mut Reader<'a>, unknown: impl FnMut(ExtensionType) -> Result<(), InvalidMessage>, ) -> Result<ExtensionType, InvalidMessage>

Reads one extension typ, length and body from r.

Unhandled extensions (according to read_extension_body() are inserted into unknown_extensions)

fn read_extension_body( &mut self, typ: ExtensionType, r: &mut Reader<'a>, ) -> Result<bool, InvalidMessage>

Reads one extension body for an extension named by typ.

Returns true if handled, false otherwise.

r is fully consumed if typ is unhandled.

fn read_once<T>( r: &mut Reader<'a>, id: ExtensionType, out: &mut Option<T>, ) -> Result<(), InvalidMessage>

where T: Codec<'a>,

Decode r as T into out, only if out is None.

fn encode_one(&self, typ: ExtensionType, output: &mut Vec<u8>)

Encode one extension body for typ into output.

Adds nothing to output if typ is absent from this struct, either because it is None or unhandled by this struct.

pub(crate) fn collect_used(&self) -> Vec<ExtensionType>

Return a list of extensions whose items are Some

pub(crate) fn clone_one(&mut self, source: &Self, typ: ExtensionType)

Clone the value of the extension identified by typ from source to self.

Does nothing if typ is not an extension handled by this object.

pub(crate) fn clear(&mut self, typ: ExtensionType)

Remove the extension identified by typ from self.

pub(crate) fn only_contains(&self, allowed: &[ExtensionType]) -> bool

Return true if all present extensions are named in allowed

pub(crate) fn contains_any(&self, exts: &[ExtensionType]) -> bool

Return true if any extension named in exts is present.

fn contains(&self, e: ExtensionType) -> bool

impl ClientExtensions<'_>

pub(crate) fn into_owned(self) -> ClientExtensions<'static>

pub(crate) fn used_extensions_in_encoding_order(&self) -> Vec<ExtensionType>

fn order_insensitive_extensions_in_random_order(&self) -> Vec<ExtensionType>

Returns extensions which don’t need a specific order, in randomized order.

Extensions are encoded in three portions:

• First, extensions not otherwise dealt with by other cases. These are encoded in random order, controlled by self.order_seed, and this is the set of extensions returned by this function.

• Second, extensions named in self.contiguous_extensions, in the order given by that field.

• Lastly, any ECH and PSK extensions (in that order). These are required to be last by the standard.

Trait Implementations

impl<'a> Clone for ClientExtensions<'a>

fn clone(&self) -> ClientExtensions<'a>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<'a> Codec<'a> for ClientExtensions<'a>

fn encode(&self, bytes: &mut Vec<u8>)

Function for encoding itself by appending itself to the provided vec of bytes.

fn read(r: &mut Reader<'a>) -> Result<Self, InvalidMessage>

Function for decoding itself from the provided reader will return Some if the decoding was successful or None if it was not.

fn get_encoding(&self) -> Vec<u8>

Convenience function for encoding the implementation into a vec and returning it

fn read_bytes(bytes: &'a [u8]) -> Result<Self, InvalidMessage>

Function for wrapping a call to the read function in a Reader for the slice of bytes provided

impl<'a> Debug for ClientExtensions<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'a> Default for ClientExtensions<'a>

fn default() -> ClientExtensions<'a>

Returns the “default value” for a type.