特性 ResolvesClientCert 

pub trait ResolvesClientCert:
    Debug
    + Send
    + Sync {
    // Required methods
    fn resolve(
        &self,
        root_hint_subjects: &[&[u8]],
        sigschemes: &[SignatureScheme],
    ) -> Option<Arc<CertifiedKey>>;
    fn has_certs(&self) -> bool;

    // Provided method
    fn only_raw_public_keys(&self) -> bool { ... }
}

A trait 用于 the ability 到 choose 一个 certificate chain 并 私钥 用于 the purposes of client authentication.

必需方法

fn resolve( &self, root_hint_subjects: &[&[u8]], sigschemes: &[SignatureScheme], ) -> Option<Arc<CertifiedKey>>

Resolve 一个 client certificate chain/私钥 到 use as the client’s identity.

root_hint_subjects 是 optional list of certificate authority subject distinguished names that the client can use 到 help decide on 一个 client certificate the server is likely 到 accept. If the list is empty, the client should send whatever certificate it has. 此 hints are expected 到 be DER-encoded X.500 distinguished names, per RFC 5280 A.1。 ，请参见DistinguishedName 用于 more information on decoding with external crates like x509-parser。

sigschemes 是 list of the SignatureSchemes the server supports.

Return None 到 continue the handshake without any client authentication. 此 server may 拒绝 the handshake later if it requires authentication.

fn has_certs(&self) -> bool

如果存在任何证书，则返回 true

提供方法

fn only_raw_public_keys(&self) -> bool

当客户端仅支持原始公钥时返回 true

，请参见RFC 7250。

实现者

impl ResolvesClientCert for SingleCertAndKey

impl ResolvesClientCert for AlwaysResolvesClientRawPublicKeys