Enum KeyPair

Source

pub enum KeyPair {
    Ed25519(Ed25519Signer),
}

Expand description

Generic key pair wrapper that can hold any DSA implementation

This provides algorithm-agnostic operations for signing and verification.

Cloning a KeyPair is cheap because the underlying secret keys are stored in Arc, so only the reference is cloned, not the encrypted data.

§Example

use ave_identity::keys::{KeyPair, KeyPairAlgorithm, DSA};

// Generate a key pair
let keypair = KeyPair::generate(KeyPairAlgorithm::Ed25519).expect("Failed to generate key pair");

let message = b"Hello, World!";

// Sign message using generic interface
let signature = keypair.sign(message).unwrap();

// Get public key
let public_key = keypair.public_key();

// Verify
assert!(public_key.verify(message, &signature).is_ok());

Variants§

§

Ed25519(Ed25519Signer)

Implementations§

Source §

impl KeyPair

Source

pub fn generate(key_type: KeyPairAlgorithm) -> Result<Self, CryptoError>

Generate a new random key pair of the specified type

Source

pub fn from_secret_der(der: &[u8]) -> Result<Self, CryptoError>

Create key pair from PKCS#8 DER-encoded secret key

This method automatically detects the algorithm from the OID in the DER structure. Supported OIDs:

Ed25519: 1.3.101.112

§Errors

Returns InvalidDerFormat if the DER structure is malformed
Returns UnsupportedAlgorithm if the algorithm OID is not supported
Returns InvalidSecretKey if the key data is invalid

§Example

use ave_identity::keys::KeyPair;

let der_bytes = std::fs::read("private_key.der").unwrap();
let keypair = KeyPair::from_secret_der(&der_bytes).unwrap();

Source

pub fn from_seed( key_type: KeyPairAlgorithm, seed: &[u8; 32], ) -> Result<Self, CryptoError>

Create key pair from seed

Source

pub fn derive_from_data( key_type: KeyPairAlgorithm, data: &[u8], ) -> Result<Self, CryptoError>

Derive key pair from arbitrary data (will be hashed)

Source

pub fn from_secret_key(secret_key: &[u8]) -> Result<Self, CryptoError>

Create key pair from secret key bytes

Attempts to auto-detect the algorithm from key length. For explicit algorithm selection, use from_secret_key_with_type.

Source

pub fn from_secret_key_with_type( key_type: KeyPairAlgorithm, secret_key: &[u8], ) -> Result<Self, CryptoError>

Create key pair from secret key bytes with explicit type

Source

pub fn key_type(&self) -> KeyPairAlgorithm

Get the key pair type

Source

pub fn sign(&self, message: &[u8]) -> Result<SignatureIdentifier, CryptoError>

Sign a message using the appropriate algorithm

Source

pub fn algorithm(&self) -> DSAlgorithm

Get the algorithm used by this key pair

Source

pub fn algorithm_id(&self) -> u8

Get the algorithm identifier

Source

pub fn public_key_bytes(&self) -> Vec<u8> ⓘ

Get the public key bytes

Source

pub fn public_key(&self) -> PublicKey

Get the public key as a PublicKey wrapper

Source

pub fn secret_key_bytes(&self) -> Result<Vec<u8>, CryptoError>

Get the secret key bytes (if available)

Source

pub fn to_bytes(&self) -> Result<Vec<u8>, CryptoError>

Serialize to bytes (includes algorithm identifier and secret key)

§Warning

This exposes the secret key. Use with extreme caution.

Source

pub fn from_bytes(bytes: &[u8]) -> Result<Self, CryptoError>

Deserialize from bytes (includes algorithm identifier)

Source

pub fn to_secret_der(&self) -> Result<Vec<u8>, CryptoError>

Serialize to PKCS#8 DER format

This creates a DER-encoded PKCS#8 PrivateKeyInfo structure containing the secret key and algorithm identifier.

§Errors

Returns InvalidSecretKey if the secret key cannot be retrieved

§Example

use ave_identity::keys::{KeyPair, KeyPairAlgorithm};

let keypair = KeyPair::generate(KeyPairAlgorithm::Ed25519).unwrap();
let der_bytes = keypair.to_secret_der().unwrap();
std::fs::write("private_key.der", der_bytes).unwrap();