This was exposed as part of the public API via ServerCertVerifier,
ClientCertVerifier, and structs that implement those two traits.
Transitively, this should expose PayloadU16 as part of the stable API, since
DigitallySignedStruct's `sig` field has type PayloadU16. However, PayloadU16
exposes unnecessary implementation details (specifically, that a given field is
encoded with 16-bit length). Instead, deprecate the `sig` field for public
access and provide a `sig() -> &[u8]` accessor instead.
Expose AlertDescription, ContentType, and HandshakeType, SignatureAlgorithm,
and NamedGroup as part of the stable API. Previously they were part of the
unstable internals API, but were referenced by parts of the stable API.
This avoids a couple of unnecessary allocations: the individual Payloads of the
fragmented messages were allocating and filling a Vec, and the call sites were
allocating a VecDeque to be filled with messages.
Instead, always return an iterator of BorrowedPlainMessage, which the caller can
iterate over.
Previously there were two paths that would check that a max_fragment_size was in
the acceptable range. Now there's just one path: calling set_max_fragment_size.
This provides a way to construct a MessageFragmenter with the default fragment
size that is error-free.
Previously, these were output as long arrays of decimal numbers, which
were noisy and hard to read. As hex numbers, it's a little easier to see
the structure, and if necessary to translate them into binary or decode
them independently.
Also output hex for Random and SessionID Debug impls.
SupportedKxGroup, SupportedCipherSuite, and EnabledVersions have derived
Debug implementations, but these implementations wind up being
excessively noisy. Instead, delegate their Debug implementations to
their underlying enums.
Stores the parsed data for a handshake message payload alongside
the encoded version to avoid having to re-encode the message when
updating the transcript hash. Also avoids encoding outgoing handshake
message payloads twice.
Dynamically load the FFI Library of trust using flutter in Android system. `Connection Failed: tls connection init failed: Interrupted system call (os error 4)`.
`require_handshake_msg` is designed to express message type
requirements: failures of those checks are expensive because
they involve logging output and allocations in the error value.
Introduce `is_handshake_msg` which does the same validation, but
just calculates a bool so is cheap.