Struct aws_lc_rs::signature::EcdsaKeyPair

pub struct EcdsaKeyPair { /* private fields */ }

An ECDSA key pair, used for signing.

Implementations

impl EcdsaKeyPair

pub fn generate( alg: &'static EcdsaSigningAlgorithm ) -> Result<Self, Unspecified>

Generates a new key pair.

Errors

error::Unspecified on internal error.

pub fn from_pkcs8( alg: &'static EcdsaSigningAlgorithm, pkcs8: &[u8] ) -> Result<Self, KeyRejected>

Constructs an ECDSA key pair by parsing an unencrypted PKCS#8 v1 id-ecPublicKey ECPrivateKey key.

Errors

error::KeyRejected if bytes do not encode an ECDSA key pair or if the key is otherwise not acceptable.

pub fn generate_pkcs8( alg: &'static EcdsaSigningAlgorithm, _rng: &dyn SecureRandom ) -> Result<Document, Unspecified>

Generates a new key pair and returns the key pair serialized as a PKCS#8 v1 document.

ring Compatibility

Our implementation ignores the SecureRandom parameter.

Errors

error::Unspecified on internal error.

pub fn to_pkcs8v1(&self) -> Result<Document, Unspecified>

Serializes this EcdsaKeyPair into a PKCS#8 v1 document.

Errors

error::Unspecified on internal error.

pub fn from_private_key_and_public_key( alg: &'static EcdsaSigningAlgorithm, private_key: &[u8], public_key: &[u8] ) -> Result<Self, KeyRejected>

Constructs an ECDSA key pair from the private key and public key bytes

The private key must encoded as a big-endian fixed-length integer. For example, a P-256 private key must be 32 bytes prefixed with leading zeros as needed.

The public key is encoding in uncompressed form using the Octet-String-to-Elliptic-Curve-Point algorithm in SEC 1: Elliptic Curve Cryptography, Version 2.0.

This is intended for use by code that deserializes key pairs. It is recommended to use EcdsaKeyPair::from_pkcs8() (with a PKCS#8-encoded key) instead.

Errors

error::KeyRejected if parsing failed or key otherwise unacceptable.

pub fn from_private_key_der( alg: &'static EcdsaSigningAlgorithm, private_key: &[u8] ) -> Result<Self, KeyRejected>

Deserializes a DER-encoded private key structure to produce a EcdsaKeyPair.

This function is typically used to deserialize RFC 5915 encoded private keys, but it will attempt to automatically detect other key formats. This function supports unencrypted PKCS#8 PrivateKeyInfo structures as well as key type specific formats.

See EcdsaPrivateKey::as_der.

Errors

error::KeyRejected if parsing failed or key otherwise unacceptable.

Panics

pub fn private_key(&self) -> PrivateKey<'_>

Access functions related to the private key.

pub fn sign( &self, _rng: &dyn SecureRandom, message: &[u8] ) -> Result<Signature, Unspecified>

Returns the signature of the message using a random nonce.

ring Compatibility

Our implementation ignores the SecureRandom parameter.

Errors

error::Unspecified on internal error.

Trait Implementations

impl Debug for EcdsaKeyPair

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl KeyPair for EcdsaKeyPair

fn public_key(&self) -> &Self::PublicKey

Provides the public key.

type PublicKey = PublicKey

The type of the public key.

impl Send for EcdsaKeyPair

impl Sync for EcdsaKeyPair