Enum mas_keystore::PrivateKey

source ·
#[non_exhaustive]
pub enum PrivateKey { Rsa(Box<RsaPrivateKey>), EcP256(Box<SecretKey<NistP256>>), EcP384(Box<SecretKey<NistP384>>), EcK256(Box<SecretKey<Secp256k1>>), }
Expand description

A single private key

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

Implementations§

source§

impl PrivateKey

source

pub fn to_der(&self) -> Result<Zeroizing<Vec<u8>>, Error>

Serialize the key as a DER document

It will use the most common format depending on the key type: PKCS1 for RSA keys and SEC1 for elliptic curve keys

§Errors

Returns an error if the encoding failed

source

pub fn to_pkcs8_der(&self) -> Result<Zeroizing<Vec<u8>>, Error>

Serialize the key as a PKCS8 DER document

§Errors

Returns an error if the encoding failed

source

pub fn to_pem( &self, line_ending: LineEnding, ) -> Result<Zeroizing<String>, Error>

Serialize the key as a PEM document

It will use the most common format depending on the key type: PKCS1 for RSA keys and SEC1 for elliptic curve keys

§Errors

Returns an error if the encoding failed

source

pub fn load(bytes: &[u8]) -> Result<Self, LoadError>

Load an unencrypted PEM or DER encoded key

§Errors

Returns the same kind of errors as Self::load_pem and Self::load_der.

source

pub fn load_encrypted( bytes: &[u8], password: impl AsRef<[u8]>, ) -> Result<Self, LoadError>

Load an encrypted PEM or DER encoded key, and decrypt it with the given password

§Errors

Returns the same kind of errors as Self::load_encrypted_pem and Self::load_encrypted_der.

source

pub fn load_encrypted_der( der: &[u8], password: impl AsRef<[u8]>, ) -> Result<Self, LoadError>

Load an encrypted key from DER-encoded bytes, and decrypt it with the given password

§Errors

Returns an error if:

  • the key is in an non-encrypted format
  • the key could not be decrypted
  • the PKCS8 key could not be loaded
source

pub fn load_der(der: &[u8]) -> Result<Self, LoadError>

Load an unencrypted key from DER-encoded bytes

It tries to decode the bytes from the various known DER formats (PKCS8, SEC1 and PKCS1, in that order), and return the first one that works.

§Errors

Returns an error if:

  • the PKCS8 key is encrypted
  • none of the formats could be decoded
  • the PKCS8/SEC1/PKCS1 key could not be loaded
source

pub fn load_encrypted_pem( pem: &str, password: impl AsRef<[u8]>, ) -> Result<Self, LoadError>

Load an encrypted key from a PEM-encode string, and decrypt it with the given password

§Errors

Returns an error if:

  • the file is not a signel PEM document
  • the PEM label is not a supported format
  • the underlying key is not encrypted (use Self::load instead)
  • the decryption failed
  • the pkcs8 key could not be loaded
source

pub fn load_pem(pem: &str) -> Result<Self, LoadError>

Load an unencrypted key from a PEM-encode string

§Errors

Returns an error if:

  • the file is not a signel PEM document
  • the PEM label is not a supported format
  • the underlying key is encrypted (use Self::load_encrypted instead)
  • the PKCS8/PKCS1/SEC1 key could not be loaded
source

pub fn verifying_key_for_alg( &self, alg: &JsonWebSignatureAlg, ) -> Result<AsymmetricVerifyingKey, WrongAlgorithmError>

Get an [AsymmetricVerifyingKey] out of this key, for the specified [JsonWebSignatureAlg]

§Errors

Returns an error if the key is not suited for the selected algorithm

source

pub fn signing_key_for_alg( &self, alg: &JsonWebSignatureAlg, ) -> Result<AsymmetricSigningKey, WrongAlgorithmError>

Get a [AsymmetricSigningKey] out of this key, for the specified [JsonWebSignatureAlg]

§Errors

Returns an error if the key is not suited for the selected algorithm

source

pub fn generate_rsa<R: RngCore + CryptoRng>(rng: R) -> Result<Self, Error>

Generate a RSA key with 2048 bit size

§Errors

Returns any error from the underlying key generator

source

pub fn generate_ec_p256<R: RngCore + CryptoRng>(rng: R) -> Self

Generate an Elliptic Curve key for the P-256 curve

source

pub fn generate_ec_p384<R: RngCore + CryptoRng>(rng: R) -> Self

Generate an Elliptic Curve key for the P-384 curve

source

pub fn generate_ec_k256<R: RngCore + CryptoRng>(rng: R) -> Self

Generate an Elliptic Curve key for the secp256k1 curve

Trait Implementations§

source§

impl Debug for PrivateKey

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl From<&PrivateKey> for JsonWebKeyPublicParameters

source§

fn from(val: &PrivateKey) -> Self

Converts to this type from the input type.
source§

impl ParametersInfo for PrivateKey

source§

fn kty(&self) -> JsonWebKeyType

source§

fn possible_algs(&self) -> &'static [JsonWebSignatureAlg]

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoEither for T

source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

impl<T> Pointable for T

source§

const ALIGN: usize = _

The alignment of pointer.
source§

type Init = T

The type for initializers.
source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
source§

impl<T> Same for T

source§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

source§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V