Module key_schedule

Key schedule maintenance for TLS1.3

Structs

• KeySchedule 🔒
  This is the TLS1.3 key schedule. It stores the current secret and the type of hash. This isn’t used directly; but only through the typestates.
• KeyScheduleClientBeforeFinished 🔒
• KeyScheduleEarly 🔒
  KeySchedule for early data stage.
• KeyScheduleHandshake 🔒
• KeyScheduleHandshakeStart 🔒
  KeySchedule during handshake.
• KeySchedulePreHandshake 🔒
  Pre-handshake key schedule
• KeyScheduleTraffic 🔒
  KeySchedule during traffic stage. All traffic & exporter keys are guaranteed to be available.
• KeyScheduleTrafficWithClientFinishedPending 🔒
  KeySchedule during traffic stage, retaining the ability to calculate the client’s finished verify_data. The traffic stage key schedule can be extracted from it through signing the client finished hash.
• ResumptionSecret 🔒

Enums

• SecretKind 🔒
  The kinds of secret we can extract from KeySchedule.

Functions

• derive_traffic_iv
  HKDF-Expand-Label where the output is an IV.
• derive_traffic_key
  HKDF-Expand-Label where the output is an AEAD key.
• hkdf_expand_label 🔒
  HKDF-Expand-Label where the output length is a compile-time constant, and therefore it is infallible.
• hkdf_expand_label_aead_key 🔒
  [HKDF-Expand-Label] where the output is an AEAD key.
• hkdf_expand_label_block 🔒
  [HKDF-Expand-Label] where the output is one block in size.
• hkdf_expand_label_inner 🔒
• hkdf_expand_label_slice 🔒
  [HKDF-Expand-Label] where the output is a slice.
• server_ech_hrr_confirmation_secret 🔒