rustls::tls13::key_schedule

Struct KeySchedule

Source 
struct KeySchedule {
    current: Box<dyn HkdfExpander>,
    inner: KeyScheduleSuite,
}
Expand description

This is the TLS1.3 key schedule. It stores the current secret and the type of hash. This isn’t used directly; but only through the typestates.

Fields§

§current: Box<dyn HkdfExpander>§inner: KeyScheduleSuite

Implementations§

Source§

impl KeySchedule

Source

fn new(suite: &'static Tls13CipherSuite, secret: &[u8]) -> Self

Source

fn new_with_empty_secret(suite: &'static Tls13CipherSuite) -> Self

Creates a key schedule without a PSK.

Source

fn input_empty(&mut self)

Input the empty secret.

RFC 8446: “If a given secret is not available, then the 0-value consisting of a string of Hash.length bytes set to zeros is used.”

Source

fn input_secret(&mut self, secret: &[u8])

Input the given secret.

Source

fn derive(&self, kind: SecretKind, hs_hash: &[u8]) -> OkmBlock

Derive a secret of given kind, using current handshake hash hs_hash.

More specifically

   Derive-Secret(., "derived", Messages)

where hs_hash is Messages.

Source

fn derive_logged_secret( &self, kind: SecretKind, hs_hash: &[u8], key_log: &dyn KeyLog, client_random: &[u8; 32], ) -> OkmBlock

Source

fn derive_for_empty_hash(&self, kind: SecretKind) -> OkmBlock

Derive a secret of given kind using the hash of the empty string for the handshake hash.

More specifically:

Derive-Secret(., Label, "")

where kind is Label.

Useful only for the following SecretKinds:

  • SecretKind::ExternalPskBinderKey
  • SecretKind::ResumptionPSKBinderKey
  • SecretKind::DerivedSecret

Methods from Deref<Target = KeyScheduleSuite>§

Source

fn set_encrypter(&self, secret: &OkmBlock, common: &mut CommonState)

Source

fn set_decrypter(&self, secret: &OkmBlock, common: &mut CommonState)

Source

fn derive_decrypter(&self, secret: &OkmBlock) -> Box<dyn MessageDecrypter>

Source

fn sign_finish(&self, base_key: &OkmBlock, hs_hash: &Output) -> Tag

Sign the finished message consisting of hs_hash using a current traffic secret.

See RFC 8446 section 4.4.4.

Source

fn sign_verify_data(&self, base_key: &OkmBlock, hs_hash: &Output) -> Tag

Sign the finished message consisting of hs_hash using the key material base_key.

See RFC 8446 section 4.4.4.

Source

fn derive_next(&self, base_key: &OkmBlock) -> OkmBlock

Derive the next application traffic secret, returning it.

Source

fn derive_ticket_psk(&self, rms: &OkmBlock, nonce: &[u8]) -> OkmBlock

Derive the PSK to use given a resumption_master_secret and ticket_nonce.

Source

fn export_keying_material( &self, current_exporter_secret: &OkmBlock, out: &mut [u8], label: &[u8], context: Option<&[u8]>, ) -> Result<(), Error>

Trait Implementations§

Source§

impl Deref for KeySchedule

Source§

type Target = KeyScheduleSuite

The resulting type after dereferencing.
Source§

fn deref(&self) -> &Self::Target

Dereferences the value.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<P, T> Receiver for P
where P: Deref<Target = T> + ?Sized, T: ?Sized,

Source§

type Target = T

🔬This is a nightly-only experimental API. (arbitrary_self_types)
The target type on which the method may be called.
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.