Trait rustls::crypto::tls12::Prf

source ·
pub trait Prf: Send + Sync {
    // Required methods
    fn for_key_exchange(
        &self,
        output: &mut [u8; 48],
        kx: Box<dyn ActiveKeyExchange>,
        peer_pub_key: &[u8],
        label: &[u8],
        seed: &[u8],
    ) -> Result<(), Error>;
    fn for_secret(
        &self,
        output: &mut [u8],
        secret: &[u8],
        label: &[u8],
        seed: &[u8],
    );

    // Provided method
    fn fips(&self) -> bool { ... }
}
Expand description

An instantiation of the TLS1.2 PRF with a specific, implicit hash function.

See the definition in RFC5246 section 5.

See PrfUsingHmac as a route to implementing this trait with just an implementation of hmac::Hmac.

Required Methods§

source

fn for_key_exchange( &self, output: &mut [u8; 48], kx: Box<dyn ActiveKeyExchange>, peer_pub_key: &[u8], label: &[u8], seed: &[u8], ) -> Result<(), Error>

Computes PRF(secret, label, seed) using the secret from a completed key exchange.

Completes the given key exchange, and then uses the resulting shared secret to compute the PRF, writing the result into output.

The caller guarantees that label, seed are non-empty. The caller makes no guarantees about the contents of peer_pub_key. It must be validated by ActiveKeyExchange::complete.

source

fn for_secret( &self, output: &mut [u8], secret: &[u8], label: &[u8], seed: &[u8], )

Computes PRF(secret, label, seed), writing the result into output.

The caller guarantees that secret, label, and seed are non-empty.

Provided Methods§

source

fn fips(&self) -> bool

Return true if this is backed by a FIPS-approved implementation.

Implementors§