Trait rustls::client::ResolvesClientCert

pub trait ResolvesClientCert:
    Debug
    + Send
    + Sync {
    // Required methods
    fn resolve(
        &self,
        root_hint_subjects: &[&[u8]],
        sigschemes: &[SignatureScheme],
    ) -> Option<Arc<CertifiedKey>>;
    fn has_certs(&self) -> bool;
}

A trait for the ability to choose a certificate chain and private key for the purposes of client authentication.

Required Methods

fn resolve( &self, root_hint_subjects: &[&[u8]], sigschemes: &[SignatureScheme], ) -> Option<Arc<CertifiedKey>>

Resolve a client certificate chain/private key to use as the client’s identity.

root_hint_subjects is an optional list of certificate authority subject distinguished names that the client can use to help decide on a client certificate the server is likely to accept. If the list is empty, the client should send whatever certificate it has. The hints are expected to be DER-encoded X.500 distinguished names, per RFC 5280 A.1. See DistinguishedName for more information on decoding with external crates like x509-parser.

sigschemes is the list of the SignatureSchemes the server supports.

Return None to continue the handshake without any client authentication. The server may reject the handshake later if it requires authentication.

fn has_certs(&self) -> bool

Return true if any certificates at all are available.

Implementors