pub trait ProducesTickets:
Debug
+ Send
+ Sync {
// Required methods
fn enabled(&self) -> bool;
fn lifetime(&self) -> u32;
fn encrypt(&self, plain: &[u8]) -> Option<Vec<u8>>;
fn decrypt(&self, cipher: &[u8]) -> Option<Vec<u8>>;
}展开描述
A trait 用于 the ability 到 encrypt 并 decrypt tickets.
必需方法§
Sourcefn enabled(&self) -> bool
fn enabled(&self) -> bool
如果此实现会加密/解密 tickets. Should 返回 false if this 是 dummy implementation: the server will not send the SessionTicket extension 并 will not call the other functions.
Sourcefn lifetime(&self) -> u32
fn lifetime(&self) -> u32
Returns the lifetime (单位:秒) of tickets produced now. 此 lifetime , as 一个 hint 到 clients that the ticket will not be useful after the given time.
This lifetime must be implemented by key rolling 并 erasure, not by storing 一个 lifetime in the 票据
此 objective is 到 limit damage 到 forward secrecy caused by tickets, not just limiting their lifetime.
Sourcefn encrypt(&self, plain: &[u8]) -> Option<Vec<u8>>
fn encrypt(&self, plain: &[u8]) -> Option<Vec<u8>>
Encrypt 并 authenticate plain, returning the resulting
票据 Return None if plain cannot be encrypted 用于
some reason: an empty ticket , sent 并 the connection
will continue.
Sourcefn decrypt(&self, cipher: &[u8]) -> Option<Vec<u8>>
fn decrypt(&self, cipher: &[u8]) -> Option<Vec<u8>>
Decrypt cipher, validating its authenticity protection
并 recovering 明文. cipher is fully attacker
controlled, so this decryption must be side-channel free,
panic-proof, 并 otherwise bullet-proof. If the decryption
fails, return None.
实现者§
impl ProducesTickets for TicketRotator
std only.