Enum mas_keystore::PrivateKey
source · #[non_exhaustive]pub enum PrivateKey {
Rsa(Box<RsaPrivateKey>),
EcP256(Box<SecretKey<NistP256>>),
EcP384(Box<SecretKey<NistP384>>),
EcK256(Box<SecretKey<Secp256k1>>),
}
Expand description
A single private key
Variants (Non-exhaustive)§
This enum is marked as non-exhaustive
Rsa(Box<RsaPrivateKey>)
EcP256(Box<SecretKey<NistP256>>)
EcP384(Box<SecretKey<NistP384>>)
EcK256(Box<SecretKey<Secp256k1>>)
Implementations§
source§impl PrivateKey
impl PrivateKey
sourcepub fn to_der(&self) -> Result<Zeroizing<Vec<u8>>, Error>
pub fn to_der(&self) -> Result<Zeroizing<Vec<u8>>, Error>
Serialize the key as a DER document
It will use the most common format depending on the key type: PKCS1 for RSA keys and SEC1 for elliptic curve keys
§Errors
Returns an error if the encoding failed
sourcepub fn to_pem(
&self,
line_ending: LineEnding,
) -> Result<Zeroizing<String>, Error>
pub fn to_pem( &self, line_ending: LineEnding, ) -> Result<Zeroizing<String>, Error>
Serialize the key as a PEM document
It will use the most common format depending on the key type: PKCS1 for RSA keys and SEC1 for elliptic curve keys
§Errors
Returns an error if the encoding failed
sourcepub fn load(bytes: &[u8]) -> Result<Self, LoadError>
pub fn load(bytes: &[u8]) -> Result<Self, LoadError>
Load an unencrypted PEM or DER encoded key
§Errors
Returns the same kind of errors as Self::load_pem
and
Self::load_der
.
sourcepub fn load_encrypted(
bytes: &[u8],
password: impl AsRef<[u8]>,
) -> Result<Self, LoadError>
pub fn load_encrypted( bytes: &[u8], password: impl AsRef<[u8]>, ) -> Result<Self, LoadError>
Load an encrypted PEM or DER encoded key, and decrypt it with the given password
§Errors
Returns the same kind of errors as Self::load_encrypted_pem
and
Self::load_encrypted_der
.
sourcepub fn load_encrypted_der(
der: &[u8],
password: impl AsRef<[u8]>,
) -> Result<Self, LoadError>
pub fn load_encrypted_der( der: &[u8], password: impl AsRef<[u8]>, ) -> Result<Self, LoadError>
Load an encrypted key from DER-encoded bytes, and decrypt it with the given password
§Errors
Returns an error if:
- the key is in an non-encrypted format
- the key could not be decrypted
- the PKCS8 key could not be loaded
sourcepub fn load_der(der: &[u8]) -> Result<Self, LoadError>
pub fn load_der(der: &[u8]) -> Result<Self, LoadError>
Load an unencrypted key from DER-encoded bytes
It tries to decode the bytes from the various known DER formats (PKCS8, SEC1 and PKCS1, in that order), and return the first one that works.
§Errors
Returns an error if:
- the PKCS8 key is encrypted
- none of the formats could be decoded
- the PKCS8/SEC1/PKCS1 key could not be loaded
sourcepub fn load_encrypted_pem(
pem: &str,
password: impl AsRef<[u8]>,
) -> Result<Self, LoadError>
pub fn load_encrypted_pem( pem: &str, password: impl AsRef<[u8]>, ) -> Result<Self, LoadError>
Load an encrypted key from a PEM-encode string, and decrypt it with the given password
§Errors
Returns an error if:
- the file is not a signel PEM document
- the PEM label is not a supported format
- the underlying key is not encrypted (use
Self::load
instead) - the decryption failed
- the pkcs8 key could not be loaded
sourcepub fn load_pem(pem: &str) -> Result<Self, LoadError>
pub fn load_pem(pem: &str) -> Result<Self, LoadError>
Load an unencrypted key from a PEM-encode string
§Errors
Returns an error if:
- the file is not a signel PEM document
- the PEM label is not a supported format
- the underlying key is encrypted (use
Self::load_encrypted
instead) - the PKCS8/PKCS1/SEC1 key could not be loaded
sourcepub fn verifying_key_for_alg(
&self,
alg: &JsonWebSignatureAlg,
) -> Result<AsymmetricVerifyingKey, WrongAlgorithmError>
pub fn verifying_key_for_alg( &self, alg: &JsonWebSignatureAlg, ) -> Result<AsymmetricVerifyingKey, WrongAlgorithmError>
Get an [AsymmetricVerifyingKey
] out of this key, for the specified
[JsonWebSignatureAlg
]
§Errors
Returns an error if the key is not suited for the selected algorithm
sourcepub fn signing_key_for_alg(
&self,
alg: &JsonWebSignatureAlg,
) -> Result<AsymmetricSigningKey, WrongAlgorithmError>
pub fn signing_key_for_alg( &self, alg: &JsonWebSignatureAlg, ) -> Result<AsymmetricSigningKey, WrongAlgorithmError>
Get a [AsymmetricSigningKey
] out of this key, for the specified
[JsonWebSignatureAlg
]
§Errors
Returns an error if the key is not suited for the selected algorithm
sourcepub fn generate_ec_p256<R: RngCore + CryptoRng>(rng: R) -> Self
pub fn generate_ec_p256<R: RngCore + CryptoRng>(rng: R) -> Self
Generate an Elliptic Curve key for the P-256 curve
sourcepub fn generate_ec_p384<R: RngCore + CryptoRng>(rng: R) -> Self
pub fn generate_ec_p384<R: RngCore + CryptoRng>(rng: R) -> Self
Generate an Elliptic Curve key for the P-384 curve
sourcepub fn generate_ec_k256<R: RngCore + CryptoRng>(rng: R) -> Self
pub fn generate_ec_k256<R: RngCore + CryptoRng>(rng: R) -> Self
Generate an Elliptic Curve key for the secp256k1 curve
Trait Implementations§
source§impl Debug for PrivateKey
impl Debug for PrivateKey
source§impl From<&PrivateKey> for JsonWebKeyPublicParameters
impl From<&PrivateKey> for JsonWebKeyPublicParameters
source§fn from(val: &PrivateKey) -> Self
fn from(val: &PrivateKey) -> Self
source§impl ParametersInfo for PrivateKey
impl ParametersInfo for PrivateKey
Auto Trait Implementations§
impl Freeze for PrivateKey
impl RefUnwindSafe for PrivateKey
impl Send for PrivateKey
impl Sync for PrivateKey
impl Unpin for PrivateKey
impl UnwindSafe for PrivateKey
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> IntoEither for T
impl<T> IntoEither for T
source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moresource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more