pub struct P256SigningKey(/* private fields */);Expand description
An ECDSA-P256 signing key. Private scalar is zeroed on drop.
Wire form: 64 raw bytes IEEE 1363 (r‖s), base64-encoded with padding
for 88 characters — matching the verify path in
crate::verify::verify_ecdsa_p256. DER-encoded signatures
are NOT compatible with the ACDP registry entry for ecdsa-p256.
Implementations§
Source§impl P256SigningKey
impl P256SigningKey
Sourcepub fn generate() -> Self
pub fn generate() -> Self
Generate a fresh P-256 key pair using the OS RNG.
Recommended for production callers; from_bytes is for loading
previously-stored key material.
Sourcepub fn from_bytes(bytes: &[u8; 32]) -> Result<Self, AcdpError>
pub fn from_bytes(bytes: &[u8; 32]) -> Result<Self, AcdpError>
Construct from 32 raw scalar bytes (big-endian).
Returns AcdpError::SchemaViolation when the scalar is invalid
(e.g. zero or ≥ curve order). The error variant matches the
shape used elsewhere for key-material parse failures
(AgentDid::parse_web, validate_signature_length).
Sourcepub fn from_slice(bytes: &[u8]) -> Result<Self, AcdpError>
pub fn from_slice(bytes: &[u8]) -> Result<Self, AcdpError>
Try to construct from a slice. Returns an error if the length is wrong.
Sourcepub fn sign_content_hash(&self, hash: &ContentHash) -> String
pub fn sign_content_hash(&self, hash: &ContentHash) -> String
Sign the ASCII bytes of the full content_hash string per §5.8.
Uses RFC 6979 deterministic ECDSA (no rng parameter required).
Returns the signature as standard base64 of the 64-byte IEEE 1363
r‖s wire form (88 chars including padding).
Sourcepub fn seed_bytes(&self) -> [u8; 32]
pub fn seed_bytes(&self) -> [u8; 32]
Return the 32-byte raw private scalar (big-endian).
P-256 analogue of SigningKey::seed_bytes. Language bindings
hold this [u8; 32] and reconstruct the P256SigningKey per FFI
call (the key zeroizes its scalar on drop and is not Clone). The
round-trip P256SigningKey::from_bytes(&k.seed_bytes())
reconstructs an identical signing key.
The scalar is private-key material — treat it as a secret and route persistence through a key vault or HSM.
Sourcepub fn sign_string(&self, input: &str) -> String
pub fn sign_string(&self, input: &str) -> String
Sign the UTF-8 bytes of an arbitrary string. Returns the
signature as standard base64 of the 64-byte IEEE 1363 r‖s
wire form (88 chars including padding).
P-256 analogue of SigningKey::sign_string — uses RFC 6979
deterministic ECDSA, so the output is reproducible. Use this for
the ACDP registry’s bearer-token challenge flow when the
producer’s key is ECDSA-P256; the registry verifies with
crate::verify::verify_ecdsa_p256(&sec1, &sig, input).
Sourcepub fn verifying_key_sec1(&self) -> Vec<u8> ⓘ
pub fn verifying_key_sec1(&self) -> Vec<u8> ⓘ
SEC1-uncompressed public key (65 bytes: 0x04 || x || y).
Use this to populate a did:web verification method’s
publicKeyJwk (after splitting into the x / y halves) or
publicKeyMultibase representation.
Sourcepub fn verifying_key_jwk(&self) -> Value
pub fn verifying_key_jwk(&self) -> Value
Return the public key as a P-256 JWK object suitable for
embedding in a did:web verification method’s publicKeyJwk
field:
{ "kty": "EC", "crv": "P-256",
"x": "<base64url-no-pad x>",
"y": "<base64url-no-pad y>" }FEAT-03: lets producers wire a published key into a DID document without manually splitting the SEC1 point and base64url-encoding each half.
Sourcepub fn did_verification_method(
&self,
method_id: &str,
controller: &str,
) -> Value
pub fn did_verification_method( &self, method_id: &str, controller: &str, ) -> Value
Compose a complete verificationMethod entry for a did:web
DID document. method_id is the full DID URL (e.g.
did:web:agents.example.com:alice#key-1); controller is the
containing DID (without fragment).
Output uses the JsonWebKey2020 type so consumers can resolve
the algorithm via
acdp_did::document::VerificationMethod::declared_algorithm
(RFC-ACDP-0008 §3.9 algorithm-downgrade rejection).