This crate allows Windows CNG private keys to be used with rustls on both the client and server side of a TLS channel.
Rationale: in many situations it is required to use certificate chains with non-exportable private keys from the Windows certificate store. rustls-cng can use such chains in the rustls context.
Supported key/certificate types: RSA, ECDSA/ECDH (secp256r1 and secp384r1 curves).
Documentation is available here.
The central struct in rustls-cng is CngSigningKey, which can be constructed from the low-level NCryptKey handle. The CngSigningKey instance can then be used in rustls in a custom ResolvesServerCert or ResolvesClientCert implementation.
See the examples directory for usage examples.
Licensed under MIT or Apache license (LICENSE-MIT or LICENSE-APACHE)